Infected with Trojan.Zeroaccess!inf4


  • This topic is locked
10 replies to this topic

#1 froghog


Posted 23 August 2012 - 12:12 PM

Running Windows 7. Norton keeps popping up with this warning that I am infected with Trojan.Zeroaccess!inf4, but Norton is unable to remove it. I've also tried Malwarebytes and Microsoft security.
I ran through the preparation guide, disabled CD emulation and attached the files below.
I ran Gmer, but most of the options were greyed out. I checked "show All" and only services, registry, files and ADS were selected. I hope the Gmer log has enough info.

Please let me know if you need more information from me.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
Run by Owner at 8:53:36 on 2012-08-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3767.1901 [GMT -7:00]
.
AV: Norton AntiVirus *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Program Files\Sony\VAIO Care\Admload.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\WSCStub.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?ilc=8
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8
mStart Page = hxxp://www.yahoo.com/?ilc=8
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Best Buy pc app] C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [<NO NAME>]
mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\WPLauncher.hta
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: DhcpNameServer = 192.168.112.253
TCP: Interfaces\{933B8582-3B2E-46AA-B45A-D18BB01A1CD4} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{933B8582-3B2E-46AA-B45A-D18BB01A1CD4}\2416273656C6F6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{933B8582-3B2E-46AA-B45A-D18BB01A1CD4}\2456C6B696E6E233932424 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{933B8582-3B2E-46AA-B45A-D18BB01A1CD4}\D456761627564644243354 : DhcpNameServer = 10.0.92.141 10.0.92.135
TCP: Interfaces\{F9DFF9BD-9D33-4612-A23A-E3138484BD37} : DhcpNameServer = 192.168.112.253
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\coIEPlg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun-x64: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun-x64: [(Default)]
mRun-x64: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dyeeezma.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dyeeezma.default\extensions\LogMeInClient@logmein.com\plugins\npLMI64.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dyeeezma.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 SMR300;Symantec SMR Utility Service 3.0.0;C:\Windows\system32\drivers\SMR300.SYS --> C:\Windows\system32\drivers\SMR300.SYS [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20120804.001\BHDrvx64.sys [2012-8-4 1161376]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20120822.001\IDSviA64.sys [2012-8-21 512672]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0603000.00E\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0603000.00E\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-20 13336]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-1-31 375208]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\ccsvchst.exe [2012-8-14 138272]
R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-2-9 53248]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-6-1 367456]
R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]
R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-6-8 259192]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-22 2320920]
R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-5-22 575856]
R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-6-17 851824]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-5-22 836608]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872]
R3 bpenum;bpenum;C:\Windows\system32\DRIVERS\bpenum.sys --> C:\Windows\system32\DRIVERS\bpenum.sys [?]
R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\system32\DRIVERS\bpmp.sys --> C:\Windows\system32\DRIVERS\bpmp.sys [?]
R3 bpusb;bpusb;C:\Windows\system32\Drivers\bpusb.sys --> C:\Windows\system32\Drivers\bpusb.sys [?]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-12 138912]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRIVERS\SFEP.sys --> C:\Windows\system32\DRIVERS\SFEP.sys [?]
R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-6-6 304496]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-6-8 44736]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-9-23 1429608]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-22 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-2 250568]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-22 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-7 113120]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-7-19 340240]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-20 108400]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-20 67952]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-6-9 537456]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-6-9 384880]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-6-9 101232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-08-22 19:27:40 96376 ----a-w- C:\Windows\System32\drivers\SMR300.SYS
2012-08-22 19:21:58 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys
2012-08-22 16:15:38 -------- d-----w- C:\Users\Owner\AppData\Local\ElevatedDiagnostics
2012-08-22 16:07:27 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-21 22:32:11 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2012-08-21 22:32:04 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-21 22:32:04 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-21 22:32:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-15 04:28:08 9826504 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-08-15 01:03:15 405624 ----a-r- C:\Windows\System32\drivers\N360x64\0603000.00E\symnets.sys
2012-08-15 01:03:15 1129120 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\symefa64.sys
2012-08-15 01:03:14 737952 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\srtsp64.sys
2012-08-15 01:03:14 451192 ----a-r- C:\Windows\System32\drivers\N360x64\0603000.00E\symds64.sys
2012-08-15 01:03:14 37536 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\srtspx64.sys
2012-08-15 01:03:14 190072 ----a-r- C:\Windows\System32\drivers\N360x64\0603000.00E\ironx64.sys
2012-08-15 01:03:14 167072 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\ccsetx64.sys
2012-08-15 01:02:54 -------- d-----w- C:\Windows\System32\drivers\N360x64\0603000.00E
2012-08-09 01:36:20 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-08-09 01:25:08 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-08-09 01:25:08 -------- d-----w- C:\Program Files\Symantec
2012-08-09 01:25:08 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2012-08-09 01:23:38 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-08-09 00:46:25 -------- d-----w- C:\Users\Owner\AppData\Local\LogMeIn Rescue Applet
2012-08-05 17:33:22 -------- d-----w- C:\Users\Owner\AppData\Local\NPE
2012-08-05 17:26:43 -------- d-----w- C:\Windows\System32\drivers\N360x64
2012-08-05 17:26:41 -------- d-----w- C:\Program Files (x86)\Norton 360
2012-08-05 17:24:29 -------- d-----w- C:\ProgramData\PCSettings
.
==================== Find3M ====================
.
2012-08-22 16:10:41 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-22 16:10:41 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-22 16:07:17 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-11 15:21:57 952 --sha-w- C:\ProgramData\KGyGaAvL.sys
2012-07-20 03:16:24 87488 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2012-07-20 03:16:22 34720 ----a-w- C:\Windows\System32\LMIport.dll
2012-07-20 03:16:20 80800 ----a-w- C:\Windows\System32\LMIinit.dll
2012-07-03 05:07:23 476936 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-06-02 22:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
.
============= FINISH: 8:54:05.91 ===============


#2 gringo_pr


Posted 24 August 2012 - 01:44 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 froghog

froghog
  • Topic Starter

  • Members
  • 7 posts

Posted 25 August 2012 - 03:24 PM

I ran the Security Check, then disabled Norton and ran Combofix. Logs are below.
Ran full Norton Scan again and it found same issue "Infected with Trojan.Zeroaccess!inf4"
The only strange behavior I have noticed is that if I navigate to C:\Documents and Settings, I get the error "Location is not available C:\Documents and Settings is not accessible Access is Denied"
I'm logged in as "Owner" who is set up as an administrator. Program appears to work OK and I can browse the web.

Results of screen317's Security Check version 0.99.46
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
Java™ 6 Update 33
Java 7 Update 6
Adobe Reader X 10.1.3 Adobe Reader out of Date!
Mozilla Firefox (14.0.1)
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

ComboFix 12-08-25.04 - Owner 08/25/2012 10:33:05.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3767.1914 [GMT -7:00]
Running from: c:\users\Owner\Downloads\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-07-25 to 2012-08-25 )))))))))))))))))))))))))))))))
.
.
2012-08-25 17:38 . 2012-08-25 17:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-24 15:27 . 2012-08-24 15:27 30496 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-08-23 23:04 . 2012-08-23 23:04 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-08-23 20:36 . 2012-08-23 20:36 -------- d-----w- c:\program files\HitmanPro
2012-08-23 20:29 . 2012-08-23 23:04 -------- d-----w- c:\programdata\HitmanPro
2012-08-23 17:18 . 2012-08-23 17:18 56016 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-08-22 19:21 . 2012-08-24 15:15 27256 ----a-w- c:\windows\system32\drivers\FixZeroAccess.sys
2012-08-22 16:15 . 2012-08-22 16:15 -------- d-----w- c:\users\Owner\AppData\Local\ElevatedDiagnostics
2012-08-22 16:08 . 2012-08-22 16:08 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-22 16:07 . 2012-08-22 16:07 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-21 22:32 . 2012-08-21 22:32 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2012-08-21 22:32 . 2012-08-21 22:32 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-21 22:32 . 2012-08-21 22:32 -------- d-----w- c:\programdata\Malwarebytes
2012-08-21 22:32 . 2012-07-03 20:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-09 01:36 . 2012-08-09 01:36 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-08-09 01:25 . 2012-08-09 01:25 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-08-09 01:25 . 2012-08-09 01:25 -------- d-----w- c:\program files\Symantec
2012-08-09 01:25 . 2012-08-09 01:25 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-08-09 01:23 . 2012-08-09 01:23 -------- d-----w- c:\program files (x86)\NortonInstaller
2012-08-09 00:46 . 2012-08-14 03:16 -------- d-----w- c:\users\Owner\AppData\Local\LogMeIn Rescue Applet
2012-08-05 17:33 . 2012-08-22 19:35 -------- d-----w- c:\users\Owner\AppData\Local\NPE
2012-08-05 17:26 . 2012-08-16 03:38 -------- d-----w- c:\windows\system32\drivers\N360x64
2012-08-05 17:26 . 2012-08-09 01:24 -------- d-----w- c:\program files (x86)\Norton 360
2012-08-05 17:24 . 2012-08-05 17:24 -------- d-----w- c:\programdata\PCSettings
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-22 16:10 . 2012-04-03 04:41 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-22 16:10 . 2011-05-31 02:09 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-22 16:07 . 2011-05-22 23:01 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-11 15:21 . 2011-05-24 03:53 952 --sha-w- c:\programdata\KGyGaAvL.sys
2012-07-20 03:16 . 2012-03-16 02:57 87488 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-07-20 03:16 . 2012-03-16 02:57 34720 ----a-w- c:\windows\system32\LMIport.dll
2012-07-20 03:16 . 2012-03-16 02:57 80800 ----a-w- c:\windows\system32\LMIinit.dll
2012-07-03 05:07 . 2012-07-03 05:07 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-06-18 10:12 . 2012-06-29 17:21 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C7A4A86-50FC-4976-BBDD-9A8F04C2C12F}\mpengine.dll
2012-06-13 19:08 . 2011-05-23 02:44 58957832 ----a-w- c:\windows\system32\MRT.exe
2012-06-02 22:19 . 2012-06-26 04:13 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-26 04:13 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-26 04:13 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-26 04:13 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-26 04:12 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-26 04:13 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-26 04:13 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-26 04:12 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-26 04:13 99840 ----a-w- c:\windows\system32\wudriver.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-23_18.59.40 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-08-22 19:29 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-23 23:11 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-08-22 19:29 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-23 23:11 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-22 19:29 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-23 23:11 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-20 00:58 . 2012-08-24 15:20 64456 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-24 15:20 39286 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-05-23 01:32 . 2012-08-24 15:20 18216 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1859132664-216220937-2613201120-1000_UserData.bin
- 2010-07-20 01:09 . 2012-08-23 18:37 2190 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2010-07-20 01:09 . 2012-08-24 15:16 2190 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2012-08-24 15:17 . 2012-08-24 15:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-23 18:38 . 2012-08-23 18:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-24 15:17 . 2012-08-24 15:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-08-23 18:38 . 2012-08-23 18:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-05-23 17:02 . 2012-08-25 17:07 286614 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
- 2011-05-22 22:28 . 2012-08-23 18:38 688128 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-22 22:28 . 2012-08-24 15:17 688128 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-22 22:41 . 2012-08-23 18:37 281344 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-05-22 22:41 . 2012-08-24 15:16 281344 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01 . 2012-08-24 15:16 302220 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-08-23 18:37 302220 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-10-18 00:21 . 2012-08-24 15:16 545820 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1859132664-216220937-2613201120-1000-12288.dat
- 2011-10-18 00:21 . 2012-08-23 18:37 545820 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1859132664-216220937-2613201120-1000-12288.dat
- 2011-05-22 22:28 . 2012-08-23 18:38 2965504 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-22 22:28 . 2012-08-24 15:17 2965504 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-23 02:09 . 2012-08-24 15:16 1814016 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1859132664-216220937-2613201120-1000-8192.dat
- 2011-05-23 02:09 . 2012-08-23 18:37 1814016 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1859132664-216220937-2613201120-1000-8192.dat
+ 2012-08-24 06:52 . 2012-08-24 06:52 7945216 c:\windows\Installer\1a6611e.msi
+ 2009-07-14 04:54 . 2012-08-24 15:17 16187392 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-23 18:38 16187392 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-24 04:20 1515688 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-08-24 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2011-08-22 6276408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-22 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-06-01 673136]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"QuickFinder Scheduler"="c:\program files (x86)\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE" [2008-11-15 83232]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2010-6-24 9216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [BU]
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-22 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-22 250568]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-22 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-20 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-07-20 340240]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-05-31 7689216]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-06-22 86120]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-21 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-21 67952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-23 1255736]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS [2011-08-16 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS [2012-05-22 1129120]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20120804.001\BHDrvx64.sys [2012-08-04 1161376]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys [2012-06-07 167072]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20120824.001\IDSvia64.sys [2012-08-22 512672]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS [2011-11-17 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS [2011-11-17 405624]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [2010-06-07 408576]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [2012-08-23 108392]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-07-20 375208]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\ccSvcHst.exe [2012-06-16 138272]
S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-10 53248]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2010-06-22 94208]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-06-22 78848]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-02-23 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-22 575856]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-09 836608]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [2010-06-07 911872]
S3 bpenum;bpenum;c:\windows\system32\DRIVERS\bpenum.sys [2010-05-17 71168]
S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys [2010-05-17 175104]
S3 bpusb;bpusb;c:\windows\system32\Drivers\bpusb.sys [2010-05-17 81920]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-18 342056]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-18 39464]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-13 138912]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-06-25 158976]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 287232]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-05-27 75304]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-07-14 7821312]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-07 304496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-04-16 39832]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - FIXZEROACCESS
*Deregistered* - FixZeroAccess
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 16:10]
.
2012-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-22 22:48]
.
2012-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-22 22:48]
.
2012-08-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1859132664-216220937-2613201120-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-02 02:08]
.
2012-08-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1859132664-216220937-2613201120-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-02 02:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-27 10135584]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-06-08 1441792]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-09 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-09 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-09 415256]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-07-20 1931024]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/?ilc=8
mStart Page = hxxp://www.yahoo.com/?ilc=8
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\program files (x86)\Corel\WordPerfect Office X4\Programs\WPLauncher.hta
TCP: DhcpNameServer = 192.168.112.253
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\dyeeezma.default\
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Norton 360\Engine\6.3.0.14\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-08-25 10:40:11
ComboFix-quarantined-files.txt 2012-08-25 17:40
ComboFix2.txt 2012-08-23 19:03
.
Pre-Run: 545,564,708,864 bytes free
Post-Run: 545,500,844,032 bytes free
.
- - End Of File - - B4DAC7CD8CC943E4E20A7AA1EB714A01

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 25 August 2012 - 03:28 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo

#5 froghog

froghog
  • Topic Starter

  • Members
  • 7 posts

Posted 25 August 2012 - 05:43 PM

I ran the TDSSKiller and aswMBR.
I noticed since running the fixes from the last post updates have been recognized for Adobe, Windows and Symantec. I tried to install them, but had errors, assume it's related to the rootkit.

14:51:02.0777 1776 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
14:51:03.0607 1776 ============================================================
14:51:03.0607 1776 Current date / time: 2012/08/25 14:51:03.0607
14:51:03.0607 1776 SystemInfo:
14:51:03.0607 1776
14:51:03.0607 1776 OS Version: 6.1.7601 ServicePack: 1.0
14:51:03.0607 1776 Product type: Workstation
14:51:03.0607 1776 ComputerName: OWNER-VAIO
14:51:03.0607 1776 UserName: Owner
14:51:03.0607 1776 Windows directory: C:\Windows
14:51:03.0607 1776 System windows directory: C:\Windows
14:51:03.0607 1776 Running under WOW64
14:51:03.0607 1776 Processor architecture: Intel x64
14:51:03.0607 1776 Number of processors: 4
14:51:03.0607 1776 Page size: 0x1000
14:51:03.0607 1776 Boot type: Normal boot
14:51:03.0607 1776 ============================================================
14:51:04.0202 1776 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:51:04.0212 1776 ============================================================
14:51:04.0217 1776 \Device\Harddisk0\DR0:
14:51:04.0217 1776 MBR partitions:
14:51:04.0217 1776 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1420800, BlocksNum 0x32000
14:51:04.0217 1776 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1452800, BlocksNum 0x49405000
14:51:04.0217 1776 ============================================================
14:51:04.0247 1776 C: <-> \Device\Harddisk0\DR0\Partition2
14:51:04.0247 1776 ============================================================
14:51:04.0247 1776 Initialize success
14:51:04.0247 1776 ============================================================
14:51:12.0601 1120 ============================================================
14:51:12.0601 1120 Scan started
14:51:12.0601 1120 Mode: Manual;
14:51:12.0601 1120 ============================================================
14:51:14.0457 1120 ================ Scan system memory ========================
14:51:14.0457 1120 System memory - ok
14:51:14.0457 1120 ================ Scan services =============================
14:51:26.0043 1120 nfrd960 - ok
14:51:26.0074 1120 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:51:26.0074 1120 NlaSvc - ok
14:51:26.0090 1120 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:51:26.0090 1120 Npfs - ok
14:51:26.0121 1120 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:51:26.0137 1120 nsi - ok
14:51:26.0137 1120 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:51:26.0137 1120 nsiproxy - ok
14:51:26.0199 1120 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:51:26.0230 1120 Ntfs - ok
14:51:26.0262 1120 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:51:26.0262 1120 Null - ok
14:51:26.0308 1120 [ CDDD4478757288DF4BB1494BFD084259 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:51:26.0308 1120 NVHDA - ok
14:51:26.0574 1120 [ AF340A9ECFCC13DE8A602221EEED8FDE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:51:26.0636 1120 nvlddmkm - ok
14:51:26.0683 1120 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:51:26.0683 1120 nvraid - ok
14:51:26.0698 1120 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:51:26.0698 1120 nvstor - ok
14:51:26.0730 1120 [ 763793107BB88CB565A9B6B8C2B83EBF ] nvsvc C:\Windows\system32\nvvsvc.exe
14:51:26.0730 1120 nvsvc - ok
14:51:26.0761 1120 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:51:26.0761 1120 nv_agp - ok
14:51:26.0839 1120 [ 07571684567859DA796A566CC78FFA74 ] Oasis2Service C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
14:51:26.0839 1120 Oasis2Service - ok
14:51:26.0932 1120 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:51:26.0948 1120 odserv - ok
14:51:26.0948 1120 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:51:26.0964 1120 ohci1394 - ok
14:51:26.0995 1120 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:51:26.0995 1120 ose - ok
14:51:27.0026 1120 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:51:27.0042 1120 p2pimsvc - ok
14:51:27.0073 1120 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:51:27.0088 1120 p2psvc - ok
14:51:27.0120 1120 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
14:51:27.0120 1120 Parport - ok
14:51:27.0166 1120 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:51:27.0166 1120 partmgr - ok
14:51:27.0182 1120 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:51:27.0182 1120 PcaSvc - ok
14:51:27.0198 1120 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:51:27.0198 1120 pci - ok
14:51:27.0244 1120 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:51:27.0244 1120 pciide - ok
14:51:27.0260 1120 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:51:27.0260 1120 pcmcia - ok
14:51:27.0276 1120 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:51:27.0276 1120 pcw - ok
14:51:27.0307 1120 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:51:27.0322 1120 PEAUTH - ok
14:51:27.0416 1120 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:51:27.0432 1120 PerfHost - ok
14:51:27.0478 1120 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:51:27.0494 1120 pla - ok
14:51:27.0541 1120 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:51:27.0556 1120 PlugPlay - ok
14:51:27.0650 1120 [ 80E85394D8CD7F84340B1C6F4B9D698F ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
14:51:27.0666 1120 PMBDeviceInfoProvider - ok
14:51:27.0681 1120 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:51:27.0697 1120 PNRPAutoReg - ok
14:51:27.0697 1120 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:51:27.0712 1120 PNRPsvc - ok
14:51:27.0744 1120 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:51:27.0759 1120 PolicyAgent - ok
14:51:27.0790 1120 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:51:27.0790 1120 Power - ok
14:51:27.0837 1120 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:51:27.0837 1120 PptpMiniport - ok
14:51:27.0868 1120 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:51:27.0868 1120 Processor - ok
14:51:27.0900 1120 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:51:27.0900 1120 ProfSvc - ok
14:51:27.0915 1120 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:51:27.0915 1120 ProtectedStorage - ok
14:51:27.0962 1120 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:51:27.0962 1120 Psched - ok
14:51:27.0993 1120 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:51:27.0993 1120 PSI_SVC_2 - ok
14:51:28.0040 1120 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:51:28.0056 1120 ql2300 - ok
14:51:28.0087 1120 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:51:28.0087 1120 ql40xx - ok
14:51:28.0102 1120 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:51:28.0118 1120 QWAVE - ok
14:51:28.0134 1120 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:51:28.0134 1120 QWAVEdrv - ok
14:51:28.0134 1120 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:51:28.0134 1120 RasAcd - ok
14:51:28.0180 1120 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:51:28.0180 1120 RasAgileVpn - ok
14:51:28.0196 1120 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:51:28.0196 1120 RasAuto - ok
14:51:28.0227 1120 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:51:28.0227 1120 Rasl2tp - ok
14:51:28.0274 1120 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:51:28.0290 1120 RasMan - ok
14:51:28.0305 1120 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:51:28.0305 1120 RasPppoe - ok
14:51:28.0321 1120 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:51:28.0321 1120 RasSstp - ok
14:51:28.0336 1120 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:51:28.0336 1120 rdbss - ok
14:51:28.0368 1120 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:51:28.0368 1120 rdpbus - ok
14:51:28.0383 1120 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:51:28.0383 1120 RDPCDD - ok
14:51:28.0399 1120 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:51:28.0399 1120 RDPENCDD - ok
14:51:28.0414 1120 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:51:28.0414 1120 RDPREFMP - ok
14:51:28.0446 1120 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:51:28.0446 1120 RDPWD - ok
14:51:28.0477 1120 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:51:28.0477 1120 rdyboost - ok
14:51:28.0539 1120 [ A6BAEA839CC888D4961AB5FE16BB8C4A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:51:28.0555 1120 RegSrvc - ok
14:51:28.0586 1120 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:51:28.0586 1120 RemoteAccess - ok
14:51:28.0617 1120 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:51:28.0633 1120 RemoteRegistry - ok
14:51:28.0664 1120 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:51:28.0664 1120 RFCOMM - ok
14:51:28.0726 1120 [ FA6ABC06B629DA29634D31F1FE0347BD ] rimspci C:\Windows\system32\drivers\rimssne64.sys
14:51:28.0726 1120 rimspci - ok
14:51:28.0742 1120 [ 8F8539A7F5C117D4407B2985995671F2 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
14:51:28.0742 1120 risdsnpe - ok
14:51:28.0758 1120 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:51:28.0773 1120 RpcEptMapper - ok
14:51:28.0789 1120 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:51:28.0804 1120 RpcLocator - ok
14:51:28.0836 1120 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:51:28.0851 1120 RpcSs - ok
14:51:28.0867 1120 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:51:28.0867 1120 rspndr - ok
14:51:28.0898 1120 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:51:28.0898 1120 SamSs - ok
14:51:28.0945 1120 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:51:28.0945 1120 sbp2port - ok
14:51:28.0976 1120 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:51:28.0976 1120 SCardSvr - ok
14:51:29.0007 1120 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:51:29.0007 1120 scfilter - ok
14:51:29.0038 1120 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:51:29.0054 1120 Schedule - ok
14:51:29.0085 1120 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:51:29.0085 1120 SCPolicySvc - ok
14:51:29.0132 1120 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
14:51:29.0132 1120 sdbus - ok
14:51:29.0163 1120 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:51:29.0163 1120 SDRSVC - ok
14:51:29.0210 1120 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:51:29.0210 1120 secdrv - ok
14:51:29.0226 1120 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:51:29.0226 1120 seclogon - ok
14:51:29.0257 1120 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
14:51:29.0257 1120 SENS - ok
14:51:29.0272 1120 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:51:29.0272 1120 SensrSvc - ok
14:51:29.0304 1120 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
14:51:29.0319 1120 Serenum - ok
14:51:29.0319 1120 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
14:51:29.0335 1120 Serial - ok
14:51:29.0350 1120 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:51:29.0350 1120 sermouse - ok
14:51:29.0397 1120 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:51:29.0397 1120 SessionEnv - ok
14:51:29.0428 1120 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
14:51:29.0428 1120 SFEP - ok
14:51:29.0460 1120 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:51:29.0460 1120 sffdisk - ok
14:51:29.0475 1120 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:51:29.0475 1120 sffp_mmc - ok
14:51:29.0491 1120 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:51:29.0491 1120 sffp_sd - ok
14:51:29.0522 1120 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:51:29.0522 1120 sfloppy - ok
14:51:29.0584 1120 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:51:29.0600 1120 SharedAccess - ok
14:51:29.0616 1120 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:51:29.0631 1120 ShellHWDetection - ok
14:51:29.0662 1120 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:51:29.0662 1120 SiSRaid2 - ok
14:51:29.0694 1120 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:51:29.0694 1120 SiSRaid4 - ok
14:51:29.0756 1120 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:51:29.0756 1120 SkypeUpdate - ok
14:51:29.0787 1120 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:51:29.0787 1120 Smb - ok
14:51:29.0834 1120 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:51:29.0834 1120 SNMPTRAP - ok
14:51:29.0928 1120 [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
14:51:29.0928 1120 SOHCImp - ok
14:51:29.0959 1120 [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
14:51:29.0974 1120 SOHDms - ok
14:51:29.0990 1120 [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
14:51:29.0990 1120 SOHDs - ok
14:51:30.0052 1120 [ 5449FC97476F52E027409E703791E6A9 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
14:51:30.0052 1120 SpfService - ok
14:51:30.0099 1120 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:51:30.0099 1120 spldr - ok
14:51:30.0146 1120 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
14:51:30.0146 1120 Spooler - ok
14:51:30.0240 1120 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:51:30.0271 1120 sppsvc - ok
14:51:30.0302 1120 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:51:30.0302 1120 sppuinotify - ok
14:51:30.0380 1120 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
14:51:30.0396 1120 SRTSP - ok
14:51:30.0411 1120 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
14:51:30.0411 1120 SRTSPX - ok
14:51:30.0442 1120 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:51:30.0458 1120 srv - ok
14:51:30.0474 1120 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:51:30.0489 1120 srv2 - ok
14:51:30.0505 1120 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:51:30.0505 1120 srvnet - ok
14:51:30.0536 1120 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:51:30.0536 1120 SSDPSRV - ok
14:51:30.0567 1120 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:51:30.0567 1120 SstpSvc - ok
14:51:30.0598 1120 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:51:30.0598 1120 stexstor - ok
14:51:30.0630 1120 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:51:30.0645 1120 stisvc - ok
14:51:30.0676 1120 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:51:30.0676 1120 swenum - ok
14:51:30.0692 1120 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:51:30.0708 1120 swprv - ok
14:51:30.0754 1120 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS
14:51:30.0754 1120 SymDS - ok
14:51:30.0817 1120 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
14:51:30.0817 1120 SymEFA - ok
14:51:30.0864 1120 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:51:30.0864 1120 SymEvent - ok
14:51:30.0895 1120 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
14:51:30.0895 1120 SymIRON - ok
14:51:30.0926 1120 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
14:51:30.0926 1120 SymNetS - ok
14:51:30.0973 1120 [ 20F8F4C2ED3F492DA318D98E72F77209 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:51:30.0988 1120 SynTP - ok
14:51:31.0051 1120 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:51:31.0066 1120 SysMain - ok
14:51:31.0098 1120 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:51:31.0098 1120 TabletInputService - ok
14:51:31.0144 1120 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:51:31.0144 1120 TapiSrv - ok
14:51:31.0176 1120 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:51:31.0176 1120 TBS - ok
14:51:31.0254 1120 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:51:31.0269 1120 Tcpip - ok
14:51:31.0316 1120 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:51:31.0332 1120 TCPIP6 - ok
14:51:31.0347 1120 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:51:31.0347 1120 tcpipreg - ok
14:51:31.0378 1120 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:51:31.0378 1120 TDPIPE - ok
14:51:31.0410 1120 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:51:31.0410 1120 TDTCP - ok
14:51:31.0441 1120 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:51:31.0441 1120 tdx - ok
14:51:31.0472 1120 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:51:31.0472 1120 TermDD - ok
14:51:31.0519 1120 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:51:31.0519 1120 TermService - ok
14:51:31.0550 1120 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:51:31.0550 1120 Themes - ok
14:51:31.0597 1120 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:51:31.0612 1120 THREADORDER - ok
14:51:31.0628 1120 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:51:31.0644 1120 TrkWks - ok
14:51:31.0690 1120 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:51:31.0706 1120 TrustedInstaller - ok
14:51:31.0722 1120 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:51:31.0722 1120 tssecsrv - ok
14:51:31.0753 1120 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:51:31.0753 1120 TsUsbFlt - ok
14:51:31.0784 1120 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:51:31.0784 1120 tunnel - ok
14:51:31.0800 1120 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:51:31.0800 1120 uagp35 - ok
14:51:31.0831 1120 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:51:31.0831 1120 udfs - ok
14:51:31.0862 1120 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:51:31.0878 1120 UI0Detect - ok
14:51:31.0878 1120 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:51:31.0878 1120 uliagpkx - ok
14:51:31.0909 1120 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:51:31.0909 1120 umbus - ok
14:51:31.0940 1120 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
14:51:31.0956 1120 UmPass - ok
14:51:32.0080 1120 [ AD88AF249ABDC546151F9BFC4093FA9B ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:51:32.0096 1120 UNS - ok
14:51:32.0127 1120 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:51:32.0143 1120 upnphost - ok
14:51:32.0174 1120 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:51:32.0174 1120 usbccgp - ok
14:51:32.0221 1120 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:51:32.0221 1120 usbcir - ok
14:51:32.0236 1120 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:51:32.0236 1120 usbehci - ok
14:51:32.0268 1120 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:51:32.0283 1120 usbhub - ok
14:51:32.0299 1120 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:51:32.0299 1120 usbohci - ok
14:51:32.0314 1120 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
14:51:32.0314 1120 usbprint - ok
14:51:32.0346 1120 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:51:32.0346 1120 USBSTOR - ok
14:51:32.0361 1120 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:51:32.0361 1120 usbuhci - ok
14:51:32.0377 1120 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:51:32.0377 1120 usbvideo - ok
14:51:32.0408 1120 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:51:32.0408 1120 UxSms - ok
14:51:32.0470 1120 [ A60605FC66552B421EE1F3D4EBB9A4E0 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
14:51:32.0470 1120 VAIO Event Service - ok
14:51:32.0564 1120 [ D469BE2723F79CF4B384680B1FDC577D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
14:51:32.0564 1120 VAIO Power Management - ok
14:51:32.0595 1120 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:51:32.0595 1120 VaultSvc - ok
14:51:32.0642 1120 [ 96EFA2698D6B9E2931609A3EA73FC5DC ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
14:51:32.0658 1120 VCFw - ok
14:51:32.0720 1120 [ 7BEBF6A5285FFC03C34A7297A4E177CB ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
14:51:32.0736 1120 VcmIAlzMgr - ok
14:51:32.0767 1120 [ E005B04DFCA99F5880C5111933194CA9 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
14:51:32.0782 1120 VcmINSMgr - ok
14:51:32.0814 1120 [ 829A32FD1334F72429CA0515760EB7A7 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
14:51:32.0814 1120 VcmXmlIfHelper - ok
14:51:32.0860 1120 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
14:51:32.0860 1120 VCService - ok
14:51:32.0876 1120 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:51:32.0876 1120 vdrvroot - ok
14:51:32.0907 1120 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:51:32.0923 1120 vds - ok
14:51:32.0954 1120 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:51:32.0954 1120 vga - ok
14:51:32.0970 1120 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:51:32.0970 1120 VgaSave - ok
14:51:32.0985 1120 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:51:32.0985 1120 vhdmp - ok
14:51:33.0016 1120 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:51:33.0016 1120 viaide - ok
14:51:33.0032 1120 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:51:33.0032 1120 volmgr - ok
14:51:33.0063 1120 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:51:33.0063 1120 volmgrx - ok
14:51:33.0079 1120 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:51:33.0079 1120 volsnap - ok
14:51:33.0126 1120 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:51:33.0126 1120 vsmraid - ok
14:51:33.0188 1120 [ A7EB62C664A03901165290A714BD48D0 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
14:51:33.0188 1120 VSNService - ok
14:51:33.0250 1120 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:51:33.0282 1120 VSS - ok
14:51:33.0375 1120 [ D62D16E057BE87F5B84A54D1B83822C4 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
14:51:33.0391 1120 VUAgent - ok
14:51:33.0422 1120 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:51:33.0422 1120 vwifibus - ok
14:51:33.0438 1120 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:51:33.0453 1120 vwififlt - ok
14:51:33.0453 1120 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:51:33.0453 1120 vwifimp - ok
14:51:33.0500 1120 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:51:33.0500 1120 W32Time - ok
14:51:33.0516 1120 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:51:33.0516 1120 WacomPen - ok
14:51:33.0547 1120 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:51:33.0547 1120 WANARP - ok
14:51:33.0562 1120 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:51:33.0562 1120 Wanarpv6 - ok
14:51:33.0625 1120 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:51:33.0640 1120 WatAdminSvc - ok
14:51:33.0687 1120 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:51:33.0718 1120 wbengine - ok
14:51:33.0750 1120 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:51:33.0750 1120 WbioSrvc - ok
14:51:33.0781 1120 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:51:33.0796 1120 wcncsvc - ok
14:51:33.0828 1120 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:51:33.0828 1120 WcsPlugInService - ok
14:51:33.0859 1120 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
14:51:33.0859 1120 Wd - ok
14:51:33.0874 1120 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:51:33.0890 1120 Wdf01000 - ok
14:51:33.0906 1120 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:51:33.0906 1120 WdiServiceHost - ok
14:51:33.0921 1120 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:51:33.0921 1120 WdiSystemHost - ok
14:51:33.0968 1120 [ 5B34E5938B9E76798977725E3F7847C4 ] wdkmd C:\Windows\system32\DRIVERS\WDKMD.sys
14:51:33.0968 1120 wdkmd - ok
14:51:33.0999 1120 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:51:34.0015 1120 WebClient - ok
14:51:34.0030 1120 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:51:34.0030 1120 Wecsvc - ok
14:51:34.0062 1120 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:51:34.0062 1120 wercplsupport - ok
14:51:34.0093 1120 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:51:34.0093 1120 WerSvc - ok
14:51:34.0124 1120 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:51:34.0124 1120 WfpLwf - ok
14:51:34.0186 1120 [ 8686E96E13F41AC9806A79CA8004FEEE ] WiMAXAppSrv C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
14:51:34.0202 1120 WiMAXAppSrv - ok
14:51:34.0218 1120 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:51:34.0218 1120 WIMMount - ok
14:51:34.0249 1120 WinDefend - ok
14:51:34.0264 1120 WinHttpAutoProxySvc - ok
14:51:35.0122 1120 ================ Scan global ===============================
14:51:35.0154 1120 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:51:35.0185 1120 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:51:35.0185 1120 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:51:35.0216 1120 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:51:35.0263 1120 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:51:35.0263 1120 [Global] - ok
14:51:35.0263 1120 ================ Scan MBR ==================================
14:51:35.0278 1120 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:51:35.0559 1120 \Device\Harddisk0\DR0 - ok
14:51:35.0559 1120 ================ Scan VBR ==================================
14:51:35.0559 1120 [ 35A0F5D4B329CE4E4823162FAD6C6927 ] \Device\Harddisk0\DR0\Partition1
14:51:35.0559 1120 \Device\Harddisk0\DR0\Partition1 - ok
14:51:35.0606 1120 [ 739FB80B2D5FE844A2A1FFFCE86F06AF ] \Device\Harddisk0\DR0\Partition2
14:51:35.0606 1120 \Device\Harddisk0\DR0\Partition2 - ok
14:51:35.0606 1120 ============================================================
14:51:35.0606 1120 Scan finished
14:51:35.0606 1120 ============================================================
14:51:35.0622 3492 Detected object count: 0
14:51:35.0622 3492 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-25 15:05:59
-----------------------------
15:05:59.996 OS Version: Windows x64 6.1.7601 Service Pack 1
15:05:59.996 Number of processors: 4 586 0x2505
15:06:00.001 ComputerName: OWNER-VAIO UserName: Owner
15:06:01.381 Initialize success
15:07:23.064 AVAST engine defs: 12082501
15:08:11.354 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:08:11.354 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 610480MB BusType: 3
15:08:11.389 Disk 0 MBR read successfully
15:08:11.394 Disk 0 MBR scan
15:08:11.399 Disk 0 Windows 7 default MBR code
15:08:11.409 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10304 MB offset 2048
15:08:11.454 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 21104640
15:08:11.474 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 600074 MB offset 21309440
15:08:11.504 Disk 0 scanning C:\Windows\system32\drivers
15:08:23.134 Service scanning
15:08:53.109 Modules scanning
15:08:53.119 Disk 0 trace - called modules:
15:08:53.134 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
15:08:53.144 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c18060]
15:08:53.154 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> [0xfffffa8003b79330]
15:08:53.159 5 ACPI.sys[fffff88000f1c7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800493e050]
15:08:54.989 AVAST engine scan C:\Windows
15:08:58.469 AVAST engine scan C:\Windows\system32
15:12:09.305 AVAST engine scan C:\Windows\system32\drivers
15:12:43.375 AVAST engine scan C:\Users\Owner
15:40:56.831 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
15:40:56.841 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:38 AM

Posted 28 August 2012 - 12:48 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 gringo_pr


Posted 31 August 2012 - 10:33 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#8 froghog

froghog
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:38 PM

Posted 31 August 2012 - 08:20 PM

I have posted my logs as requested. I have since resolved the issue I believe.

I noticed that Norton 360 would not update and Windows would not update. Uninstalled Norton, still had issues with Windows Updates.
Troubleshooting Windows updates, found the BITS Windows service was missing. Reinstalled the BITS service with Microsoft "Fix it". Successfully updated Windows. Ran Secunia OSI to make sure all the other software was up-to-date. Installed Microsoft MSE and found no errors. Uninstalled MSE, installed Norton, successfully updated, ran a full scan and did not find any errors. Computer is updating and appears to be working so I am assuming it is all fixed.

Thank you.

#9 gringo_pr


Posted 31 August 2012 - 08:48 PM

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • Go to the update tab at the top
  • Click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button; its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
Sometimes we have to run it like this: to run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • Report from Hijackthis
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo


#10 gringo_pr


Posted 02 September 2012 - 11:30 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo

#11 gringo_pr


Posted 08 September 2012 - 12:39 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.