Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google redirect


  • This topic is locked This topic is locked
12 replies to this topic

#1 Icyfyre

Icyfyre

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 17 February 2013 - 02:34 AM

It seems I have caught the google redirect virus. Whenever I use google it takes me to some random website and my computer has slowed way down. I am currently operating Internet explorer 8 on windows vista. I have tried several different anti-virus/malware removal programs and none of them have been able to fix the problem. One of them, sophos, indicated that I had troj.tracur malware but was unable to remove it.

Please help?

Thanks

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,076 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:03 AM

Posted 17 February 2013 - 04:03 AM

Hello and welcome to BleepingComputer! smile.png

I have moved your topic to the malware removal forum so we can investigate the problem.

We need to see some information about what is happening in your machine. Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE



Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 Icyfyre

Icyfyre
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 17 February 2013 - 11:48 AM

Here are the results to the DDS scan:

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16464  BrowserJavaVersion: 1.6.0_06
Run by Icyfyre at 9:24:28 on 2013-02-17
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2939.1118 [GMT -7:00]
.
AV: COMODO Antivirus *Enabled/Updated* {7554F4C5-5EC0-2FC6-8192-8DF831DBED51}
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Common Files\COMODO\launcher_service.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\ProgramData\DatacardService\DCService.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton Security Suite\Engine\6.4.1.14\ccSvcHst.exe
C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Norton Security Suite\Engine\6.4.1.14\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\Explorer.EXE
C:\Program Files\DriverUpdate\DriverUpdate.exe
C:\Program Files\FixCleaner\FixCleaner.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Real\realplayer\Update\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
C:\Program Files\COMODO\GeekBuddy\unit.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\14.2.0\ScriptHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_168_ActiveX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
uURLSearchHooks: Vuze Remote Toolbar: {05478A66-EDB6-4A22-A870-A5987F80A7DA} - c:\program files\vuze remote toolbar\ie\6.9\vuzeToolbarIE.dll
uURLSearchHooks: 4shared.com Toolbar: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\tb4sha.dll
uURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyn0.dll
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll
mURLSearchHooks: 4shared.com Toolbar: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\tb4sha.dll
mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyn0.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll
BHO: Vuze Remote Toolbar: {05478A66-EDB6-4A22-A870-A5987F80A7DA} - c:\program files\vuze remote toolbar\ie\6.9\vuzeToolbarIE.dll
BHO: 4shared.com Toolbar: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\tb4sha.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll
BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Reimage SmartBarEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\6.4.1.14\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\6.4.1.14\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyn0.dll
BHO: IEHlprObj Class: {8CA5ED52-F3FB-4414-A105-2E3491156990} - c:\program files\iwin games\iWinGamesHookIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll
BHO: Privacy Safeguard BHO: {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - c:\program files\privacysafeguard\PrivacySafeGuard.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - c:\program files\wajam\ie\priam_bho.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: 4shared.com Toolbar: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - c:\program files\4shared.com\tb4sha.dll
TB: Zynga Toolbar: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - c:\program files\zynga\tbZyn0.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Vuze Remote Toolbar: {BA14329E-9550-4989-B3F2-9732E92D17CC} - c:\program files\vuze_remote\prxtbVuze.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\6.4.1.14\coieplg.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: 4shared.com Toolbar: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\tb4sha.dll
TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyn0.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\6.4.1.14\coieplg.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll
TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Vuze Remote Toolbar: {05478A66-EDB6-4A22-A870-A5987F80A7DA} - c:\program files\vuze remote toolbar\ie\6.9\vuzeToolbarIE.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll
TB: Reimage SmartBar: {ae07101b-46d4-4a98-af68-0333ea26e113} -
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
EB: 4shared.com Findbar: {69517302-6571-4D2B-8F9A-9ACA38B82A43} - c:\program files\4shared.com\tb4sha.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [HW_OPENEYE_OUC_Cricket Broadband EC1705] "c:\program files\cricket broadband ec1705\updatedog\ouc.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Browser Infrastructure Helper] c:\users\icyfyre\appdata\local\smartbar\application\Smartbar.exe startup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [NDSTray.exe] NDSTray.exe
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Conime] c:\windows\system32\conime.exe
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [IJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.exe
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [BackupNowEZtray] "c:\program files\nti\nti backup now ez\BackupNowEZtray.exe" -k
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [gbrspcontrol] "c:\program files\common files\comodo\GeekBuddyRSP.exe" -controlservice -slave
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\startg~1.lnk - c:\program files\comodo\geekbuddy\launcher.exe
uPolicies-Explorer: NoThumbnailCache = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: netzero.com
Trusted Zone: netzero.net
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: NameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{9202F140-B62C-4A6E-9E3F-3275DE1C6B69} : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{9A244977-5B2A-415B-AD3B-59762EEFBAC8} : DHCPNameServer = 8.8.8.8
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs=  c:\windows\system32\guard32.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-2-16 33112]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.1.2.10\definitions\bashdefs\20130208.001\BHDrvx86.sys [2013-2-12 997464]
R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\n360\0604010.00e\ccsetx86.sys [2013-2-5 132768]
R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2012-9-3 35064]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2011-9-14 19088]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-9-14 238960]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-10-5 65584]
R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2012-11-14 35592]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.1.2.10\definitions\ipsdefs\20130215.002\IDSvix86.sys [2013-2-15 386720]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-4-20 20384]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-11-11 106656]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-18 7168]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2011-5-18 70656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-11-10 193640]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2011-5-18 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-5-18 116736]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-28 25112]
.
=============== Created Last 30 ================
.
2013-02-17 02:30:29 -------- d-----w- c:\program files\common files\COMODO
2013-02-17 02:23:25 -------- d--h--w- C:\VritualRoot
2013-02-17 02:18:50 974768 ----a-w- c:\windows\system32\drivers\sfi.dat
2013-02-17 02:12:39 -------- d-----w- c:\programdata\Comodo
2013-02-17 02:11:56 -------- d-----w- c:\program files\COMODO
2013-02-17 02:11:54 1060864 ----a-w- c:\windows\system32\mfc71.dll
2013-02-17 02:11:53 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2013-02-17 02:10:38 -------- d-----w- c:\programdata\Comodo Downloader
2013-02-17 00:39:08 -------- d-----w- C:\rei
2013-02-17 00:38:41 -------- d-----w- c:\program files\Reimage
2013-02-17 00:37:07 -------- d-----w- c:\users\icyfyre\appdata\local\Smartbar
2013-02-17 00:04:04 -------- d-----w- c:\programdata\Sophos
2013-02-17 00:02:33 73728 ----a-r- c:\users\icyfyre\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-02-17 00:02:33 73728 ----a-r- c:\users\icyfyre\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-02-17 00:02:33 73728 ----a-r- c:\users\icyfyre\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\ARPPRODUCTICON.exe
2013-02-17 00:02:11 -------- d-----w- c:\program files\Sophos
2013-02-16 23:50:42 -------- d-----w- c:\users\icyfyre\appdata\roaming\Malwarebytes
2013-02-16 23:50:26 -------- d-----w- c:\programdata\Malwarebytes
2013-02-16 23:50:25 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-16 23:50:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-16 23:40:18 -------- d-----w- c:\users\icyfyre\appdata\local\AVG SafeGuard toolbar
2013-02-16 23:40:06 -------- d-----w- c:\programdata\AVG SafeGuard toolbar
2013-02-16 23:39:54 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-02-16 23:39:51 -------- d-----w- c:\program files\common files\AVG Secure Search
2013-02-16 23:39:50 -------- d-----w- c:\program files\AVG SafeGuard toolbar
2013-02-16 23:39:05 -------- d--h--w- c:\programdata\Common Files
2013-02-16 23:36:14 -------- d-----w- c:\users\icyfyre\appdata\local\Wajam
2013-02-16 23:36:11 -------- d-----w- c:\program files\Wajam
2013-02-13 15:17:07 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 15:10:24 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-13 15:10:14 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 15:09:53 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 15:09:53 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 14:15:23 -------- d-----w- c:\program files\Vuze Remote Toolbar
2013-02-13 14:15:23 -------- d-----w- c:\program files\common files\Spigot
2013-02-13 14:15:23 -------- d-----w- c:\program files\Application Updater
2013-02-06 03:36:48 924320 ----a-w- c:\windows\system32\drivers\n360\0604010.00e\symefa.sys
2013-02-06 03:36:48 345208 ----a-r- c:\windows\system32\drivers\n360\0604010.00e\symtdiv.sys
2013-02-06 03:36:48 340088 ----a-r- c:\windows\system32\drivers\n360\0604010.00e\symds.sys
2013-02-06 03:36:48 32928 ----a-w- c:\windows\system32\drivers\n360\0604010.00e\srtspx.sys
2013-02-06 03:36:48 318584 ----a-r- c:\windows\system32\drivers\n360\0604010.00e\symnets.sys
2013-02-06 03:36:47 574112 ----a-w- c:\windows\system32\drivers\n360\0604010.00e\srtsp.sys
2013-02-06 03:36:47 149624 ----a-r- c:\windows\system32\drivers\n360\0604010.00e\ironx86.sys
2013-02-06 03:36:47 132768 ----a-w- c:\windows\system32\drivers\n360\0604010.00e\ccsetx86.sys
2013-02-06 03:36:31 8942 ----a-w- c:\windows\system32\drivers\n360\0604010.00e\symvtcer.dat
2013-02-06 03:36:31 -------- d-----w- c:\windows\system32\drivers\n360\0604010.00E
.
==================== Find3M  ====================
.
2013-02-17 15:54:11 13024 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-02-16 23:17:26 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-16 23:17:26 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-24 18:24:15 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-12-24 18:24:15 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-11-20 04:22:50 204288 ----a-w- c:\windows\system32\ncrypt.dll
.
============= FINISH:  9:27:34.66 ===============
 

 

The results to the TDSSKiller Scan

 

08:57:48.0870 3644  TDSS rootkit removing tool 2.8.14.0 Oct 30 2012 13:37:33
08:57:50.0882 3644  ============================================================
08:57:50.0882 3644  Current date / time: 2013/02/17 08:57:50.0882
08:57:50.0882 3644  SystemInfo:
08:57:50.0882 3644 
08:57:50.0882 3644  OS Version: 6.0.6002 ServicePack: 2.0
08:57:50.0882 3644  Product type: Workstation
08:57:50.0882 3644  ComputerName: ICYFYRE-PC
08:57:50.0882 3644  UserName: Icyfyre
08:57:50.0882 3644  Windows directory: C:\Windows
08:57:50.0882 3644  System windows directory: C:\Windows
08:57:50.0882 3644  Processor architecture: Intel x86
08:57:50.0882 3644  Number of processors: 2
08:57:50.0882 3644  Page size: 0x1000
08:57:50.0882 3644  Boot type: Normal boot
08:57:50.0882 3644  ============================================================
08:57:59.0369 3644  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:57:59.0384 3644  ============================================================
08:57:59.0384 3644  \Device\Harddisk0\DR0:
08:57:59.0400 3644  MBR partitions:
08:57:59.0400 3644  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1C059800
08:57:59.0400 3644  ============================================================
08:57:59.0478 3644  C: <-> \Device\Harddisk0\DR0\Partition1
08:57:59.0478 3644  ============================================================
08:57:59.0478 3644  Initialize success
08:57:59.0478 3644  ============================================================
08:58:15.0468 2216  ============================================================
08:58:15.0468 2216  Scan started
08:58:15.0468 2216  Mode: Manual;
08:58:15.0468 2216  ============================================================
08:58:25.0436 2216  ================ Scan system memory ========================
08:58:25.0436 2216  System memory - ok
08:58:25.0436 2216  ================ Scan services =============================
08:58:30.0913 2216  21b16014 - ok
08:58:36.0778 2216  50826545 - ok
08:58:37.0371 2216  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
08:58:37.0652 2216  ACPI - ok
08:58:38.0136 2216  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
08:58:38.0136 2216  AdobeARMservice - ok
08:58:38.0728 2216  [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:58:45.0781 2216  AdobeFlashPlayerUpdateSvc - ok
08:58:46.0888 2216  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
08:58:47.0777 2216  adp94xx - ok
08:58:48.0277 2216  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
08:58:49.0790 2216  adpahci - ok
08:58:49.0946 2216  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
08:58:50.0164 2216  adpu160m - ok
08:58:50.0367 2216  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
08:58:51.0038 2216  adpu320 - ok
08:58:51.0132 2216  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:58:51.0179 2216  AeLookupSvc - ok
08:58:51.0351 2216  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
08:58:51.0897 2216  AFD - ok
08:58:52.0006 2216  [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
08:58:52.0068 2216  AgereModemAudio - ok
08:58:52.0864 2216  [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
08:58:55.0485 2216  AgereSoftModem - ok
08:58:55.0500 2216  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
08:58:55.0578 2216  agp440 - ok
08:58:55.0750 2216  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
08:58:56.0187 2216  aic78xx - ok
08:58:56.0343 2216  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
08:58:56.0421 2216  ALG - ok
08:58:56.0748 2216  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:58:57.0154 2216  aliide - ok
08:58:57.0248 2216  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
08:58:57.0357 2216  amdagp - ok
08:58:57.0466 2216  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
08:58:58.0059 2216  amdide - ok
08:58:58.0745 2216  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
08:58:59.0556 2216  AmdK7 - ok
08:58:59.0744 2216  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
08:59:00.0570 2216  AmdK8 - ok
08:59:00.0929 2216  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
08:59:01.0214 2216  Appinfo - ok
08:59:02.0840 2216  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:59:02.0949 2216  Apple Mobile Device - ok
08:59:06.0399 2216  [ 0E029912E4F9886B9190F59E72EAE96D ] Application Updater C:\Program Files\Application Updater\ApplicationUpdater.exe
08:59:06.0414 2216  Application Updater - ok
08:59:06.0929 2216  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
08:59:07.0522 2216  arc - ok
08:59:07.0818 2216  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
08:59:09.0222 2216  arcsas - ok
08:59:09.0331 2216  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
08:59:09.0347 2216  AsyncMac - ok
08:59:09.0520 2216  [ 0D83C87A801A3DFCD1BF73893FE7518C ] atapi           C:\Windows\system32\drivers\atapi.sys
08:59:09.0816 2216  atapi - ok
08:59:10.0644 2216  [ 8BE56F8300E1C37B578DA23C71816B7A ] athr            C:\Windows\system32\DRIVERS\athr.sys
08:59:13.0173 2216  athr - ok
08:59:13.0391 2216  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:59:13.0735 2216  AudioEndpointBuilder - ok
08:59:14.0187 2216  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
08:59:21.0410 2216  Audiosrv - ok
08:59:21.0519 2216  [ DB61A6ECACD9D84405D2F3E411B25409 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
08:59:21.0956 2216  avgtp - ok
08:59:22.0174 2216  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:59:22.0580 2216  Beep - ok
08:59:23.0454 2216  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
08:59:24.0579 2216  BFE - ok
08:59:26.0763 2216  [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\BASHDefs\20130208.001\BHDrvx86.sys
08:59:29.0837 2216  BHDrvx86 - ok
08:59:30.0289 2216  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
08:59:35.0671 2216  BITS - ok
08:59:35.0858 2216  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
08:59:35.0936 2216  blbdrive - ok
08:59:36.0155 2216  [ C9C78E00A21D3FE21CE5D81BA5B45E21 ] BMLoad          C:\Windows\system32\drivers\BMLoad.sys
08:59:36.0186 2216  BMLoad - ok
08:59:36.0732 2216  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:59:36.0732 2216  Bonjour Service - ok
08:59:36.0857 2216  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:59:37.0247 2216  bowser - ok
08:59:37.0512 2216  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
08:59:37.0730 2216  BrFiltLo - ok
08:59:37.0950 2216  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
08:59:38.0106 2216  BrFiltUp - ok
08:59:38.0355 2216  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
08:59:38.0465 2216  Browser - ok
08:59:38.0809 2216  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
08:59:39.0542 2216  Brserid - ok
08:59:39.0729 2216  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
08:59:40.0276 2216  BrSerWdm - ok
08:59:40.0541 2216  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
08:59:40.0854 2216  BrUsbMdm - ok
08:59:40.0979 2216  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
08:59:41.0104 2216  BrUsbSer - ok
08:59:41.0603 2216  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
08:59:41.0728 2216  BTHMODEM - ok
08:59:42.0571 2216  [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_N360      C:\Windows\system32\drivers\N360\0604010.00E\ccSetx86.sys
08:59:51.0886 2216  ccSet_N360 - ok
08:59:52.0104 2216  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:59:52.0478 2216  cdfs - ok
08:59:52.0556 2216  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
08:59:52.0759 2216  cdrom - ok
08:59:52.0837 2216  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
08:59:52.0915 2216  CertPropSvc - ok
08:59:53.0227 2216  [ 2A3A6EEF9E5479CF662B088EEBEDE8D8 ] CFRMD           C:\Windows\system32\DRIVERS\CFRMD.sys
08:59:53.0633 2216  CFRMD - ok
08:59:53.0960 2216  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
08:59:54.0116 2216  circlass - ok
08:59:54.0616 2216  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
08:59:54.0896 2216  CLFS - ok
08:59:55.0272 2216  [ 082088F30589C8B8698B995C7066DBB5 ] CLPSLauncher    C:\Program Files\Common Files\COMODO\launcher_service.exe
08:59:55.0272 2216  CLPSLauncher - ok
08:59:56.0598 2216  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:59:57.0206 2216  clr_optimization_v2.0.50727_32 - ok
08:59:58.0610 2216  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:59:59.0889 2216  clr_optimization_v4.0.30319_32 - ok
08:59:59.0999 2216  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:00:00.0030 2216  CmBatt - ok
09:00:03.0026 2216  [ 2778F2B3E160B4CEE6EDF409426F9B3B ] cmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
09:00:03.0057 2216  cmdAgent - ok
09:00:03.0213 2216  [ C27628B3EBC76EE5311B08369CBC1A6D ] cmderd          C:\Windows\system32\DRIVERS\cmderd.sys
09:00:03.0369 2216  cmderd - ok
09:00:03.0744 2216  [ 34DC78AC72346676F1D33C6972368EFD ] cmdGuard        C:\Windows\system32\DRIVERS\cmdguard.sys
09:00:03.0744 2216  cmdGuard - ok
09:00:03.0931 2216  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:00:04.0009 2216  cmdide - ok
09:00:04.0477 2216  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:00:04.0742 2216  Compbatt - ok
09:00:04.0758 2216  COMSysApp - ok
09:00:05.0366 2216  [ D10D01B2DFCD8D2F32A32ED29E8DA1C2 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
09:00:05.0413 2216  ConfigFree Service - ok
09:00:52.0795 2216  cpuz134 - ok
09:00:53.0954 2216  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:00:53.0970 2216  crcdisk - ok
09:00:54.0048 2216  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
09:00:54.0110 2216  Crusoe - ok
09:00:54.0266 2216  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:00:54.0266 2216  CryptSvc - ok
09:00:54.0485 2216  [ CB6FF7012BB5D59D7C12350DB795CE1F ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
09:00:54.0547 2216  ctxusbm - ok
09:00:54.0625 2216  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:00:54.0734 2216  DcomLaunch - ok
09:00:55.0046 2216  [ 00EAF3956092A8008608CA6E2C5D649D ] DCService.exe   C:\ProgramData\DatacardService\DCService.exe
09:00:55.0046 2216  DCService.exe - ok
09:00:55.0358 2216  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:00:55.0748 2216  DfsC - ok
09:00:55.0998 2216  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
09:00:56.0014 2216  DFSR - ok
09:00:56.0076 2216  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
09:00:56.0092 2216  Dhcp - ok
09:00:56.0154 2216  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
09:00:56.0513 2216  disk - ok
09:00:56.0560 2216  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:00:56.0747 2216  Dnscache - ok
09:00:56.0840 2216  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:00:57.0012 2216  dot3svc - ok
09:00:57.0043 2216  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
09:00:57.0106 2216  DPS - ok
09:00:57.0184 2216  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:00:57.0215 2216  drmkaud - ok
09:00:57.0293 2216  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:00:57.0293 2216  DXGKrnl - ok
09:00:57.0371 2216  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
09:00:57.0402 2216  E1G60 - ok
09:00:57.0433 2216  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
09:00:57.0496 2216  EapHost - ok
09:00:57.0574 2216  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
09:00:57.0574 2216  Ecache - ok
09:00:57.0823 2216  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
09:00:58.0556 2216  eeCtrl - ok
09:00:58.0775 2216  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:00:58.0822 2216  ehRecvr - ok
09:00:58.0853 2216  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
09:00:58.0853 2216  ehSched - ok
09:00:58.0868 2216  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
09:00:58.0884 2216  ehstart - ok
09:00:58.0931 2216  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:00:59.0009 2216  elxstor - ok
09:00:59.0071 2216  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
09:00:59.0134 2216  EMDMgmt - ok
09:00:59.0258 2216  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:00:59.0555 2216  EraserUtilRebootDrv - ok
09:00:59.0867 2216  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:00:59.0882 2216  ErrDev - ok
09:00:59.0992 2216  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
09:01:00.0007 2216  EventSystem - ok
09:01:00.0070 2216  [ 1A7AE4575F4D56E9AA990A0B9F6BB2BB ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
09:01:00.0272 2216  ewusbnet - ok
09:01:00.0366 2216  [ E98A64C7F106740A38FB2B78197816F8 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
09:01:00.0616 2216  ew_hwusbdev - ok
09:01:00.0756 2216  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
09:01:00.0896 2216  exfat - ok
09:01:01.0146 2216  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:01:01.0146 2216  fastfat - ok
09:01:01.0208 2216  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:01:01.0208 2216  fdc - ok
09:01:01.0240 2216  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:01:01.0286 2216  fdPHost - ok
09:01:01.0286 2216  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:01:01.0302 2216  FDResPub - ok
09:01:01.0318 2216  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:01:01.0380 2216  FileInfo - ok
09:01:01.0396 2216  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:01:01.0505 2216  Filetrace - ok
09:01:01.0520 2216  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:01:01.0552 2216  flpydisk - ok
09:01:01.0630 2216  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:01:01.0988 2216  FltMgr - ok
09:01:02.0659 2216  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
09:01:02.0659 2216  FontCache - ok
09:01:02.0956 2216  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:01:02.0971 2216  FontCache3.0.0.0 - ok
09:01:03.0080 2216  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:01:03.0252 2216  Fs_Rec - ok
09:01:03.0330 2216  [ CBC22823628544735625B280665E434E ] FwLnk           C:\Windows\system32\DRIVERS\FwLnk.sys
09:01:03.0580 2216  FwLnk - ok
09:01:03.0689 2216  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:01:03.0767 2216  gagp30kx - ok
09:01:04.0048 2216  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
09:01:04.0531 2216  GamesAppService - ok
09:01:04.0625 2216  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\Drivers\GEARAspiWDM.sys
09:01:04.0640 2216  GEARAspiWDM - ok
09:01:05.0561 2216  [ AE63D0DB96C07CAE5DC4CDB2B2A719A0 ] GeekBuddyRSP    C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
09:01:05.0576 2216  GeekBuddyRSP - ok
09:01:05.0795 2216  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:01:06.0108 2216  gpsvc - ok
09:01:06.0233 2216  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:01:06.0233 2216  gupdate - ok
09:01:06.0357 2216  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:01:06.0357 2216  gupdatem - ok
09:01:06.0467 2216  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:01:06.0935 2216  gusvc - ok
09:01:07.0231 2216  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:01:07.0293 2216  HdAudAddService - ok
09:01:07.0527 2216  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:01:07.0527 2216  HDAudBus - ok
09:01:07.0559 2216  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:01:07.0621 2216  HidBth - ok
09:01:07.0715 2216  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:01:07.0715 2216  HidIr - ok
09:01:07.0793 2216  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
09:01:07.0824 2216  hidserv - ok
09:01:07.0917 2216  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:01:08.0011 2216  HidUsb - ok
09:01:08.0058 2216  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:01:08.0058 2216  hkmsvc - ok
09:01:08.0136 2216  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
09:01:08.0666 2216  HpCISSs - ok
09:01:08.0916 2216  [ 1664905CC1F7F176F8A592720D9629B9 ] hshld           C:\Program Files\Hotspot Shield\bin\openvpnas.exe
09:01:08.0931 2216  hshld - ok
09:01:09.0025 2216  [ C08EC566056CCB470B2B98C0612BC0DB ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
09:01:09.0218 2216  HssDRV6 - ok
09:01:09.0343 2216  [ 3EC456E454E7CF930B6B2FF3D1A9ED2F ] HssSrv          C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
09:01:09.0343 2216  HssSrv - ok
09:01:09.0390 2216  [ 8B20915B82ACFE7108C3BFA45C0383AE ] HssTrayService  C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
09:01:09.0390 2216  HssTrayService - ok
09:01:09.0468 2216  [ 35E91DF99B8CEAA477E0AB86052475D6 ] HssWd           C:\Program Files\Hotspot Shield\bin\hsswd.exe
09:01:09.0468 2216  HssWd - ok
09:01:09.0561 2216  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:01:09.0889 2216  HTTP - ok
09:01:09.0951 2216  [ BB3C8E4B88842F3A1B9C5D603210C277 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
09:01:10.0513 2216  huawei_enumerator - ok
09:01:10.0622 2216  [ 0B3957226EC94B1ECB7B9348BB535A23 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
09:01:10.0669 2216  hwdatacard - ok
09:01:10.0747 2216  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
09:01:10.0763 2216  i2omp - ok
09:01:10.0778 2216  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:01:10.0809 2216  i8042prt - ok
09:01:11.0059 2216  [ CB686F44BF955EA02520710A56874FA4 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
09:01:11.0059 2216  IAANTMON - ok
09:01:11.0232 2216  [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
09:01:11.0232 2216  iaStor - ok
09:01:11.0403 2216  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
09:01:11.0668 2216  iaStorV - ok
09:01:11.0856 2216  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
09:01:12.0277 2216  IDriverT - ok
09:01:12.0667 2216  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:01:13.0275 2216  idsvc - ok
09:01:13.0977 2216  [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\IPSDefs\20130215.002\IDSvix86.sys
09:01:15.0210 2216  IDSVix86 - ok
09:01:15.0366 2216  [ 6FB1858D1F0923D122B0331865695041 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
09:01:15.0428 2216  igfx - ok
09:01:15.0459 2216  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:01:15.0553 2216  iirsp - ok
09:01:15.0709 2216  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:01:16.0083 2216  IKEEXT - ok
09:01:16.0708 2216  [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:01:17.0753 2216  IntcAzAudAddService - ok
09:01:17.0847 2216  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:01:17.0863 2216  intelide - ok
09:01:17.0878 2216  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:01:17.0878 2216  intelppm - ok
09:01:17.0909 2216  IO_Memory - ok
09:01:17.0987 2216  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:01:17.0987 2216  IPBusEnum - ok
09:01:18.0019 2216  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:01:18.0034 2216  IpFilterDriver - ok
09:01:18.0081 2216  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:01:18.0405 2216  iphlpsvc - ok
09:01:18.0421 2216  IpInIp - ok
09:01:18.0483 2216  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
09:01:18.0748 2216  IPMIDRV - ok
09:01:18.0795 2216  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
09:01:18.0826 2216  IPNAT - ok
09:01:18.0935 2216  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:01:18.0935 2216  iPod Service - ok
09:01:19.0201 2216  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:01:19.0232 2216  IRENUM - ok
09:01:19.0279 2216  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:01:19.0341 2216  isapnp - ok
09:01:19.0372 2216  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
09:01:19.0372 2216  iScsiPrt - ok
09:01:19.0419 2216  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
09:01:19.0435 2216  iteatapi - ok
09:01:19.0466 2216  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
09:01:19.0466 2216  iteraid - ok
09:01:19.0575 2216  [ 67390C4565772D4BFA996C40D8319954 ] ivusb           C:\Windows\system32\DRIVERS\ivusb.sys
09:01:19.0871 2216  ivusb - ok
09:01:20.0043 2216  [ A2673B88E2156BFA82E795599C3C5224 ] iWinTrusted     C:\Program Files\iWin Games\iWinTrusted.exe
09:01:20.0043 2216  iWinTrusted - ok
09:01:20.0339 2216  [ 957135960E7533EA5C7EA0BFB34F8EFD ] jswpsapi        C:\Program Files\Jumpstart\jswpsapi.exe
09:01:20.0932 2216  jswpsapi - ok
09:01:20.0979 2216  [ 11AD410F41AF42BA12E63187E3EC141A ] jswpslwf        C:\Windows\system32\DRIVERS\jswpslwf.sys
09:01:21.0213 2216  jswpslwf - ok
09:01:21.0229 2216  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:01:21.0275 2216  kbdclass - ok
09:01:21.0338 2216  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:01:21.0338 2216  kbdhid - ok
09:01:21.0385 2216  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
09:01:21.0385 2216  KeyIso - ok
09:01:21.0712 2216  [ 9249D2ACEC11F8958E0FCA436C5630BD ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
09:01:21.0931 2216  Kodak AiO Network Discovery Service - ok
09:01:22.0071 2216  [ E8CA038F51F7761BD6E3A3B0B8014263 ] KR10I           C:\Windows\system32\drivers\kr10i.sys
09:01:22.0243 2216  KR10I - ok
09:01:22.0321 2216  [ 6A4ADB9186DD0E114E623DAF57E42B31 ] KR10N           C:\Windows\system32\drivers\kr10n.sys
09:01:22.0586 2216  KR10N - ok
09:01:22.0633 2216  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:01:23.0069 2216  KSecDD - ok
09:01:23.0132 2216  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:01:23.0147 2216  KtmRm - ok
09:01:23.0194 2216  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:01:23.0678 2216  LanmanServer - ok
09:01:23.0709 2216  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:01:23.0881 2216  LanmanWorkstation - ok
09:01:23.0927 2216  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:01:24.0052 2216  lltdio - ok
09:01:24.0161 2216  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:01:24.0567 2216  lltdsvc - ok
09:01:24.0629 2216  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:01:24.0629 2216  lmhosts - ok
09:01:24.0692 2216  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:01:24.0895 2216  LSI_FC - ok
09:01:24.0926 2216  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:01:25.0004 2216  LSI_SAS - ok
09:01:25.0035 2216  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:01:25.0191 2216  LSI_SCSI - ok
09:01:25.0222 2216  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
09:01:25.0331 2216  luafv - ok
09:01:25.0799 2216  [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
09:01:26.0642 2216  McComponentHostService - ok
09:01:26.0720 2216  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:01:26.0751 2216  Mcx2Svc - ok
09:01:27.0047 2216  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
09:01:27.0063 2216  MDM - ok
09:01:27.0125 2216  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:01:27.0235 2216  megasas - ok
09:01:27.0281 2216  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
09:01:27.0484 2216  MegaSR - ok
09:01:27.0827 2216  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:01:27.0890 2216  Microsoft Office Groove Audit Service - ok
09:01:28.0015 2216  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
09:01:28.0108 2216  MMCSS - ok
09:01:28.0139 2216  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
09:01:28.0155 2216  Modem - ok
09:01:28.0233 2216  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:01:28.0249 2216  monitor - ok
09:01:28.0327 2216  [ FE80C18BA448DDD76B7BEAD9EB203D37 ] motmodem        C:\Windows\system32\DRIVERS\motmodem.sys
09:01:28.0342 2216  motmodem - ok
09:01:28.0483 2216  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:01:28.0654 2216  mouclass - ok
09:01:28.0732 2216  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:01:28.0748 2216  mouhid - ok
09:01:28.0795 2216  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
09:01:28.0888 2216  MountMgr - ok
09:01:28.0935 2216  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:01:28.0966 2216  mpio - ok
09:01:28.0997 2216  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:01:29.0044 2216  mpsdrv - ok
09:01:29.0185 2216  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:01:29.0247 2216  MpsSvc - ok
09:01:29.0341 2216  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
09:01:29.0403 2216  Mraid35x - ok
09:01:29.0465 2216  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:01:29.0590 2216  MRxDAV - ok
09:01:29.0653 2216  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:01:29.0887 2216  mrxsmb - ok
09:01:29.0980 2216  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:01:30.0339 2216  mrxsmb10 - ok
09:01:30.0511 2216  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:01:30.0713 2216  mrxsmb20 - ok
09:01:30.0807 2216  [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:01:31.0041 2216  msahci - ok
09:01:31.0197 2216  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:01:31.0306 2216  msdsm - ok
09:01:31.0369 2216  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
09:01:31.0369 2216  MSDTC - ok
09:01:31.0431 2216  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:01:31.0462 2216  Msfs - ok
09:01:31.0915 2216  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:01:31.0930 2216  msisadrv - ok
09:01:32.0008 2216  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:01:32.0149 2216  MSiSCSI - ok
09:01:32.0164 2216  msiserver - ok
09:01:32.0242 2216  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:01:32.0336 2216  MSKSSRV - ok
09:01:32.0429 2216  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:01:32.0507 2216  MSPCLOCK - ok
09:01:32.0570 2216  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:01:32.0617 2216  MSPQM - ok
09:01:32.0804 2216  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:01:32.0929 2216  MsRPC - ok
09:01:33.0038 2216  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:01:33.0053 2216  mssmbios - ok
09:01:33.0116 2216  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:01:33.0194 2216  MSTEE - ok
09:01:33.0256 2216  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
09:01:33.0319 2216  Mup - ok
09:01:33.0506 2216  [ F2840DBFE9322F35557219AE82CC4597 ] N360            C:\Program Files\Norton Security Suite\Engine\6.4.1.14\ccSvcHst.exe
09:01:33.0506 2216  N360 - ok
09:01:33.0631 2216  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
09:01:33.0724 2216  napagent - ok
09:01:33.0771 2216  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:01:33.0833 2216  NativeWifiP - ok
09:01:34.0036 2216  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\VirusDefs\20130216.009\NAVENG.SYS
09:01:34.0223 2216  NAVENG - ok
09:01:34.0739 2216  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\VirusDefs\20130216.009\NAVEX15.SYS
09:01:36.0330 2216  NAVEX15 - ok
09:01:36.0564 2216  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:01:36.0939 2216  NDIS - ok
09:01:37.0017 2216  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:01:37.0048 2216  NdisTapi - ok
09:01:37.0095 2216  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:01:37.0157 2216  Ndisuio - ok
09:01:37.0344 2216  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:01:37.0391 2216  NdisWan - ok
09:01:37.0485 2216  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:01:37.0641 2216  NDProxy - ok
09:01:37.0797 2216  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:01:37.0828 2216  NetBIOS - ok
09:01:37.0906 2216  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
09:01:37.0968 2216  netbt - ok
09:01:38.0031 2216  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
09:01:38.0031 2216  Netlogon - ok
09:01:38.0187 2216  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
09:01:38.0202 2216  Netman - ok
09:01:38.0343 2216  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
09:01:38.0499 2216  netprofm - ok
09:01:38.0561 2216  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:01:38.0858 2216  NetTcpPortSharing - ok
09:01:38.0904 2216  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:01:38.0904 2216  nfrd960 - ok
09:01:39.0029 2216  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:01:39.0029 2216  NlaSvc - ok
09:01:39.0123 2216  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:01:39.0185 2216  Npfs - ok
09:01:39.0450 2216  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
09:01:39.0482 2216  nsi - ok
09:01:39.0606 2216  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:01:39.0669 2216  nsiproxy - ok
09:01:39.0981 2216  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:01:40.0901 2216  Ntfs - ok
09:01:41.0135 2216  [ 07953351A3424BAA50FC5C4A1434FB04 ] NTI BackupNowEZSvr C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
09:01:41.0135 2216  NTI BackupNowEZSvr - ok
09:01:41.0229 2216  [ 6DCAA65F49EF3B97A5CFFC0CB5DE1C2F ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
09:01:41.0510 2216  NTIDrvr - ok
09:01:41.0603 2216  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
09:01:41.0697 2216  ntrigdigi - ok
09:01:41.0931 2216  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
09:01:42.0040 2216  Null - ok
09:01:42.0180 2216  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:01:42.0258 2216  nvraid - ok
09:01:42.0352 2216  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:01:42.0461 2216  nvstor - ok
09:01:42.0555 2216  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:01:42.0929 2216  nv_agp - ok
09:01:42.0960 2216  NwlnkFlt - ok
09:01:42.0976 2216  NwlnkFwd - ok
09:01:43.0288 2216  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:01:44.0115 2216  odserv - ok
09:01:44.0146 2216  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:01:44.0318 2216  ohci1394 - ok
09:01:44.0489 2216  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:01:45.0020 2216  ose - ok
09:01:45.0441 2216  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
09:01:47.0453 2216  p2pimsvc - ok
09:01:48.0015 2216  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:01:48.0030 2216  p2psvc - ok
09:01:48.0186 2216  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
09:01:48.0342 2216  Parport - ok
09:01:48.0576 2216  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:01:48.0717 2216  partmgr - ok
09:01:49.0185 2216  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
09:01:49.0232 2216  Parvdm - ok
09:01:49.0278 2216  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:01:49.0403 2216  PcaSvc - ok
09:01:49.0559 2216  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
09:01:49.0668 2216  pci - ok
09:01:49.0856 2216  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
09:01:50.0012 2216  pciide - ok
09:01:50.0324 2216  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:01:50.0558 2216  pcmcia - ok
09:01:51.0244 2216  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:01:52.0523 2216  PEAUTH - ok
09:01:53.0724 2216  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
09:01:54.0692 2216  pla - ok
09:01:54.0770 2216  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:01:55.0409 2216  PlugPlay - ok
09:01:55.0971 2216  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
09:01:56.0704 2216  PNRPAutoReg - ok
09:01:56.0907 2216  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
09:01:56.0907 2216  PNRPsvc - ok
09:01:57.0219 2216  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:01:57.0266 2216  PolicyAgent - ok
09:01:57.0406 2216  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:01:57.0468 2216  PptpMiniport - ok
09:01:57.0624 2216  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
09:01:57.0890 2216  Processor - ok
09:01:58.0327 2216  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:01:58.0390 2216  ProfSvc - ok
09:01:58.0593 2216  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:01:58.0593 2216  ProtectedStorage - ok
09:01:58.0795 2216  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
09:01:58.0827 2216  PSched - ok
09:01:58.0936 2216  [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
09:01:59.0170 2216  PxHelp20 - ok
09:01:59.0310 2216  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:02:01.0759 2216  ql2300 - ok
09:02:01.0869 2216  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:02:01.0900 2216  ql40xx - ok
09:02:01.0947 2216  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
09:02:02.0321 2216  QWAVE - ok
09:02:02.0430 2216  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:02:02.0430 2216  QWAVEdrv - ok
09:02:02.0555 2216  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:02:02.0727 2216  RasAcd - ok
09:02:02.0851 2216  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
09:02:02.0914 2216  RasAuto - ok
09:02:02.0961 2216  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:02:03.0163 2216  Rasl2tp - ok
09:02:03.0413 2216  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
09:02:04.0443 2216  RasMan - ok
09:02:04.0536 2216  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:02:04.0583 2216  RasPppoe - ok
09:02:04.0661 2216  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:02:04.0786 2216  RasSstp - ok
09:02:04.0957 2216  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:02:05.0207 2216  rdbss - ok
09:02:05.0347 2216  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:02:05.0441 2216  RDPCDD - ok
09:02:05.0503 2216  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
09:02:05.0613 2216  rdpdr - ok
09:02:05.0706 2216  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:02:05.0753 2216  RDPENCDD - ok
09:02:05.0956 2216  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:02:06.0190 2216  RDPWD - ok
09:02:06.0737 2216  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
09:02:06.0737 2216  RealNetworks Downloader Resolver Service - ok
09:02:06.0893 2216  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:02:07.0064 2216  RemoteAccess - ok
09:02:07.0423 2216  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:02:07.0860 2216  RemoteRegistry - ok
09:02:08.0047 2216  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
09:02:08.0437 2216  RpcLocator - ok
09:02:08.0702 2216  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
09:02:08.0702 2216  RpcSs - ok
09:02:08.0843 2216  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:02:08.0890 2216  rspndr - ok
09:02:09.0108 2216  [ F1ED9FFA59C369E72BC53A7631346F61 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
09:02:09.0108 2216  RSUSBSTOR - ok
09:02:09.0295 2216  [ 811C4A6EA5C3B8C07352D4503409EF26 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
09:02:10.0216 2216  RTL8169 - ok
09:02:10.0294 2216  [ 9FF7D9CF3A5F296613588B0E8DB83AFE ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
09:02:10.0668 2216  RTSTOR - ok
09:02:10.0746 2216  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
09:02:10.0746 2216  SamSs - ok
09:02:10.0793 2216  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:02:10.0964 2216  sbp2port - ok
09:02:11.0105 2216  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:02:11.0542 2216  SCardSvr - ok
09:02:11.0744 2216  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
09:02:13.0164 2216  Schedule - ok
09:02:13.0320 2216  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:02:13.0320 2216  SCPolicySvc - ok
09:02:13.0507 2216  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:02:13.0663 2216  SDRSVC - ok
09:02:13.0741 2216  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:02:13.0772 2216  secdrv - ok
09:02:13.0944 2216  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
09:02:14.0006 2216  seclogon - ok
09:02:14.0053 2216  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
09:02:14.0116 2216  SENS - ok
09:02:14.0491 2216  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:02:14.0725 2216  Serenum - ok
09:02:14.0787 2216  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
09:02:14.0819 2216  Serial - ok
09:02:14.0912 2216  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:02:14.0928 2216  sermouse - ok
09:02:15.0037 2216  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:02:15.0255 2216  SessionEnv - ok
09:02:15.0411 2216  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:02:15.0567 2216  sffdisk - ok
09:02:15.0614 2216  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:02:15.0614 2216  sffp_mmc - ok
09:02:15.0661 2216  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:02:15.0879 2216  sffp_sd - ok
09:02:16.0035 2216  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:02:16.0098 2216  sfloppy - ok
09:02:16.0176 2216  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:02:16.0269 2216  SharedAccess - ok
09:02:16.0535 2216  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:02:16.0550 2216  ShellHWDetection - ok
09:02:16.0675 2216  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
09:02:16.0862 2216  sisagp - ok
09:02:16.0909 2216  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
09:02:16.0987 2216  SiSRaid2 - ok
09:02:17.0096 2216  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:02:17.0205 2216  SiSRaid4 - ok
09:02:18.0453 2216  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
09:02:18.0516 2216  slsvc - ok
09:02:18.0594 2216  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
09:02:18.0703 2216  SLUINotify - ok
09:02:19.0031 2216  [ 3566310DF25EA5C3B2E9F50F5B50EAC1 ] SmartFaceVWatchSrv C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
09:02:19.0062 2216  SmartFaceVWatchSrv - ok
09:02:19.0155 2216  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:02:19.0233 2216  Smb - ok
09:02:19.0436 2216  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:02:19.0514 2216  SNMPTRAP - ok
09:02:19.0561 2216  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
09:02:19.0592 2216  spldr - ok
09:02:19.0733 2216  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
09:02:19.0748 2216  Spooler - ok
09:02:20.0310 2216  [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP           C:\Windows\System32\Drivers\N360\0604010.00E\SRTSP.SYS
09:02:20.0981 2216  SRTSP - ok
09:02:21.0293 2216  [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX          C:\Windows\system32\drivers\N360\0604010.00E\SRTSPX.SYS
09:02:22.0323 2216  SRTSPX - ok
09:02:22.0464 2216  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:02:23.0119 2216  srv - ok
09:02:23.0275 2216  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:02:24.0024 2216  srv2 - ok
09:02:24.0133 2216  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:02:24.0507 2216  srvnet - ok
09:02:24.0804 2216  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:02:24.0882 2216  SSDPSRV - ok
09:02:25.0209 2216  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:02:25.0240 2216  SstpSvc - ok
09:02:25.0428 2216  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
09:02:25.0927 2216  stisvc - ok
09:02:26.0208 2216  [ 3E4239B92139F7174A0DA7D53FE5E1AB ] SVRPEDRV        C:\Windows\System32\sysprep\PEDrv.sys
09:02:26.0785 2216  SVRPEDRV - ok
09:02:26.0925 2216  [ 29D6A9672680A74C625E99DCA507C754 ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys
09:02:26.0956 2216  SWDUMon - ok
09:02:27.0081 2216  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:02:27.0144 2216  swenum - ok
09:02:27.0300 2216  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
09:02:27.0674 2216  swprv - ok
09:02:27.0783 2216  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
09:02:27.0924 2216  Symc8xx - ok
09:02:28.0064 2216  [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS           C:\Windows\system32\drivers\N360\0604010.00E\SYMDS.SYS
09:02:28.0064 2216  SymDS - ok
09:02:28.0501 2216  [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA          C:\Windows\system32\drivers\N360\0604010.00E\SYMEFA.SYS
09:02:30.0326 2216  SymEFA - ok
09:02:30.0842 2216  [ 74E2521E96176A4449570E50BE91954D ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
09:02:31.0810 2216  SymEvent - ok
09:02:31.0997 2216  [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON         C:\Windows\system32\drivers\N360\0604010.00E\Ironx86.SYS
09:02:32.0793 2216  SymIRON - ok
09:02:33.0183 2216  [ 40C6E6417C8B7D7FCF82CFBE71525795 ] SYMTDIv         C:\Windows\System32\Drivers\N360\0604010.00E\SYMTDIV.SYS
09:02:34.0041 2216  SYMTDIv - ok
09:02:34.0166 2216  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
09:02:34.0337 2216  Sym_hi - ok
09:02:34.0431 2216  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
09:02:34.0649 2216  Sym_u3 - ok
09:02:34.0805 2216  [ 55F6E55CC2430CA8713387106FA79817 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
09:02:35.0398 2216  SynTP - ok
09:02:35.0741 2216  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
09:02:38.0222 2216  SysMain - ok
09:02:38.0409 2216  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:02:38.0830 2216  TabletInputService - ok
09:02:39.0158 2216  [ A69C1848E37482C855D94AA05145086C ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
09:02:39.0875 2216  taphss6 - ok
09:02:40.0062 2216  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:02:40.0250 2216  TapiSrv - ok
09:02:40.0328 2216  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
09:02:40.0328 2216  TBS - ok
09:02:41.0061 2216  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:02:43.0104 2216  Tcpip - ok
09:02:43.0697 2216  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
09:02:43.0713 2216  Tcpip6 - ok
09:02:43.0869 2216  [ B1A9E04D803FDE6B78314455211B726E ] tcpipBM         C:\Windows\system32\drivers\tcpipBM.sys
09:02:44.0384 2216  tcpipBM - ok
09:02:44.0602 2216  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:02:44.0867 2216  tcpipreg - ok
09:02:45.0055 2216  [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
09:02:45.0367 2216  tdcmdpst - ok
09:02:45.0445 2216  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:02:45.0523 2216  TDPIPE - ok
09:02:45.0664 2216  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:02:45.0695 2216  TDTCP - ok
09:02:45.0851 2216  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:02:45.0929 2216  tdx - ok
09:02:45.0976 2216  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:02:46.0054 2216  TermDD - ok
09:02:46.0288 2216  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
09:02:47.0302 2216  TermService - ok
09:02:47.0442 2216  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
09:02:47.0442 2216  Themes - ok
09:02:47.0520 2216  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
09:02:47.0536 2216  THREADORDER - ok
09:02:47.0832 2216  [ E09CAAFB2B323A6FF120CEFB96DA0A44 ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
09:02:47.0832 2216  TMachInfo - ok
09:02:48.0066 2216  [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv        C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
09:02:48.0160 2216  TNaviSrv - ok
09:02:48.0331 2216  [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
09:02:48.0331 2216  TODDSrv - ok
09:02:48.0971 2216  [ 44DBAC611B11646683B5B066A049B8E4 ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
09:02:48.0987 2216  TosCoSrv - ok
09:02:49.0111 2216  [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
09:02:49.0111 2216  TOSHIBA SMART Log Service - ok
09:02:49.0252 2216  [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32       C:\Windows\system32\DRIVERS\tos_sps32.sys
09:02:49.0829 2216  tos_sps32 - ok
09:02:50.0110 2216  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
09:02:50.0188 2216  TrkWks - ok
09:02:50.0375 2216  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:02:50.0437 2216  TrustedInstaller - ok
09:02:50.0547 2216  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:02:50.0578 2216  tssecsrv - ok
09:02:50.0593 2216  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
09:02:50.0687 2216  tunmp - ok
09:02:50.0749 2216  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:02:50.0968 2216  tunnel - ok
09:02:51.0124 2216  [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
09:02:51.0155 2216  TVALZ - ok
09:02:51.0250 2216  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:02:51.0343 2216  uagp35 - ok
09:02:51.0702 2216  [ D79C0B9BB011218B93705CBF77FA3E5E ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
09:02:52.0389 2216  UBHelper - ok
09:02:52.0592 2216  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:02:52.0998 2216  udfs - ok
09:02:53.0185 2216  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:02:53.0247 2216  UI0Detect - ok
09:02:53.0622 2216  [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
09:02:53.0622 2216  UleadBurningHelper - ok
09:02:53.0762 2216  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:02:54.0105 2216  uliagpkx - ok
09:02:54.0215 2216  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
09:02:54.0698 2216  uliahci - ok
09:02:55.0151 2216  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
09:02:55.0400 2216  UlSata - ok
09:02:55.0650 2216  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
09:02:55.0884 2216  ulsata2 - ok
09:02:55.0993 2216  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:02:56.0102 2216  umbus - ok
09:02:56.0180 2216  [ 88BD96A1BAEED33EE8BDF9499C07A841 ] UMPass          C:\Windows\system32\DRIVERS\umpass.sys
09:02:56.0258 2216  UMPass - ok
09:02:56.0539 2216  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
09:02:57.0210 2216  upnphost - ok
09:02:57.0335 2216  [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
09:02:58.0146 2216  USBAAPL - ok
09:02:58.0255 2216  [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:02:58.0458 2216  usbaudio - ok
09:02:58.0707 2216  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:02:59.0066 2216  usbccgp - ok
09:02:59.0319 2216  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:02:59.0615 2216  usbcir - ok
09:02:59.0678 2216  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:02:59.0880 2216  usbehci - ok
09:03:00.0021 2216  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:03:00.0317 2216  usbhub - ok
09:03:00.0442 2216  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:03:00.0926 2216  usbohci - ok
09:03:01.0160 2216  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:03:01.0362 2216  usbprint - ok
09:03:01.0503 2216  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:03:01.0737 2216  usbscan - ok
09:03:02.0205 2216  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:03:02.0314 2216  USBSTOR - ok
09:03:02.0579 2216  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
09:03:02.0813 2216  usbuhci - ok
09:03:02.0985 2216  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
09:03:03.0312 2216  usbvideo - ok
09:03:03.0359 2216  [ 8C5094A8AB24DE7496C7C19942F2DF04 ] UVCFTR          C:\Windows\system32\Drivers\UVCFTR_S.SYS
09:03:03.0515 2216  UVCFTR - ok
09:03:03.0780 2216  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
09:03:04.0108 2216  UxSms - ok
09:03:04.0451 2216  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
09:03:05.0106 2216  vds - ok
09:03:05.0231 2216  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:03:05.0590 2216  vga - ok
09:03:05.0637 2216  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:03:05.0746 2216  VgaSave - ok
09:03:06.0339 2216  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:03:06.0651 2216  viaagp - ok
09:03:06.0869 2216  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
09:03:07.0025 2216  ViaC7 - ok
09:03:07.0197 2216  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
09:03:07.0322 2216  viaide - ok
09:03:07.0478 2216  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:03:07.0602 2216  volmgr - ok
09:03:07.0899 2216  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:03:08.0601 2216  volmgrx - ok
09:03:08.0882 2216  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:03:09.0818 2216  volsnap - ok
09:03:10.0972 2216  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:03:11.0658 2216  vsmraid - ok
09:03:12.0626 2216  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
09:03:15.0044 2216  VSS - ok
09:03:17.0415 2216  [ 222D84CBE6A428A66A513B339EC633C8 ] vToolbarUpdater14.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
09:03:17.0430 2216  vToolbarUpdater14.2.0 - ok
09:03:17.0883 2216  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
09:03:18.0803 2216  W32Time - ok
09:03:19.0646 2216  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:03:19.0802 2216  WacomPen - ok
09:03:21.0346 2216  [ 4AA2CC5979AFF984227364F2C23B04F3 ] WajamUpdater    C:\Program Files\Wajam\Updater\WajamUpdater.exe
09:03:22.0828 2216  WajamUpdater - ok
09:03:22.0890 2216  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
09:03:23.0156 2216  Wanarp - ok
09:03:23.0468 2216  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:03:23.0483 2216  Wanarpv6 - ok
09:03:24.0170 2216  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:03:24.0185 2216  wcncsvc - ok
09:03:24.0762 2216  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:03:25.0090 2216  WcsPlugInService - ok
09:03:25.0371 2216  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
09:03:25.0745 2216  Wd - ok
09:03:26.0369 2216  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:03:29.0006 2216  Wdf01000 - ok
09:03:29.0099 2216  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:03:29.0458 2216  WdiServiceHost - ok
09:03:29.0988 2216  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:03:30.0004 2216  WdiSystemHost - ok
09:03:30.0940 2216  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
09:03:31.0782 2216  WebClient - ok
09:03:32.0142 2216  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:03:33.0251 2216  Wecsvc - ok
09:03:33.0516 2216  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:03:33.0844 2216  wercplsupport - ok
09:03:34.0093 2216  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:03:34.0296 2216  WerSvc - ok
09:03:35.0014 2216  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:03:35.0638 2216  WinDefend - ok
09:03:35.0669 2216  WinHttpAutoProxySvc - ok
09:03:37.0650 2216  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:03:38.0212 2216  Winmgmt - ok
09:03:39.0179 2216  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:03:43.0486 2216  WinRM - ok
09:03:44.0672 2216  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:03:46.0216 2216  Wlansvc - ok
09:03:46.0466 2216  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:03:46.0934 2216  WmiAcpi - ok
09:03:47.0152 2216  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:03:47.0839 2216  wmiApSrv - ok
09:03:48.0400 2216  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:03:50.0740 2216  WMPNetworkSvc - ok
09:03:50.0850 2216  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:03:51.0193 2216  WPCSvc - ok
09:03:51.0474 2216  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:03:52.0020 2216  WPDBusEnum - ok
09:03:52.0254 2216  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
09:03:52.0519 2216  WpdUsb - ok
09:03:54.0656 2216  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:03:56.0731 2216  WPFFontCache_v0400 - ok
09:03:56.0840 2216  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:03:56.0934 2216  ws2ifsl - ok
09:03:57.0246 2216  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
09:03:57.0277 2216  wscsvc - ok
09:03:57.0324 2216  WSearch - ok
09:03:58.0618 2216  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
09:04:00.0399 2216  wuauserv - ok
09:04:00.0633 2216  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:04:00.0773 2216  WudfPf - ok
09:04:01.0132 2216  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:04:02.0021 2216  WUDFRd - ok
09:04:02.0224 2216  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:04:02.0505 2216  wudfsvc - ok
09:04:02.0754 2216  ================ Scan global ===============================
09:04:04.0377 2216  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
09:04:05.0219 2216  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:04:06.0311 2216  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:04:06.0732 2216  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
09:04:06.0732 2216  [Global] - ok
09:04:06.0732 2216  ================ Scan MBR ==================================
09:04:07.0044 2216  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
09:04:47.0855 2216  \Device\Harddisk0\DR0 - ok
09:04:47.0855 2216  ================ Scan VBR ==================================
09:04:47.0902 2216  [ B309D787E66E6D883FD97405F4805245 ] \Device\Harddisk0\DR0\Partition1
09:04:47.0949 2216  \Device\Harddisk0\DR0\Partition1 - ok
09:04:47.0949 2216  ============================================================
09:04:47.0949 2216  Scan finished
09:04:47.0949 2216  ============================================================
09:04:47.0980 4328  Detected object count: 0
09:04:47.0980 4328  Actual detected object count: 0
09:08:33.0855 5580  Deinitialize success
 

The DDS scan asked that I zip one of the notes that popped up and attach it but I can't seem to figure out how to do that on this reply >_<

 

Thanks for all your help!



#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,076 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:03 AM

Posted 17 February 2013 - 12:41 PM

Hello again,

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#5 Icyfyre

Icyfyre
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 17 February 2013 - 03:12 PM

# AdwCleaner v2.112 - Logfile created 02/17/2013 at 13:10:38
# Updated 10/02/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Icyfyre - ICYFYRE-PC
# Boot Mode : Normal
# Running from : C:\Users\Icyfyre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1CJQQ85\AdwCleaner.exe
# Option [Search]


***** [Services] *****

Found : Application Updater
Found : WajamUpdater

***** [Files / Folders] *****

Folder Found : C:\Program Files\4shared.com
Folder Found : C:\Program Files\Application Updater
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\spigot
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\ConduitEngine
Folder Found : C:\Program Files\FunWebProducts
Folder Found : C:\Program Files\MyWebSearch
Folder Found : C:\Program Files\Vuze Remote toolbar
Folder Found : C:\Program Files\Vuze_Remote
Folder Found : C:\Program Files\Vuze_Remote
Folder Found : C:\Program Files\Wajam
Folder Found : C:\Program Files\Zynga
Folder Found : C:\Program Files\Zynga
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\Icyfyre\AppData\Local\Conduit
Folder Found : C:\Users\Icyfyre\AppData\Local\Smartbar
Folder Found : C:\Users\Icyfyre\AppData\Local\Temp\Smartbar
Folder Found : C:\Users\Icyfyre\AppData\Local\Wajam
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\4shared.com
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\Conduit
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\MyWebSearch
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\Search Settings
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\Smartbar
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\Vuze Remote
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\Vuze_Remote
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\Vuze_Remote
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\Zynga
Folder Found : C:\Users\Icyfyre\AppData\LocalLow\Zynga
Folder Found : C:\Users\Icyfyre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\4shared.com
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Found : HKCU\Software\AppDataLow\Software\Zynga
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{69517302-6571-4D2B-8F9A-9ACA38B82A43}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\4shared.com Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vuze_Remote Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Zynga Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{69517302-6571-4D2B-8F9A-9ACA38B82A43}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{69517302-6571-4D2B-8F9A-9ACA38B82A43}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F28F9852-5AF7-4A5F-8694-EAD119F1A9FB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDC2A269-D3AD-4895-8366-C6D442B24F82}
Key Found : HKCU\Software\Search Settings
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\SmartbarBackup
Key Found : HKCU\Software\SmartbarLog
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Wajam
Key Found : HKLM\Software\4shared.com
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03CF7794-BB49-4995-B1B0-A21190F01DF4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69517302-6571-4D2B-8F9A-9ACA38B82A43}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F28F9852-5AF7-4A5F-8694-EAD119F1A9FB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FDC2A269-D3AD-4895-8366-C6D442B24F82}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2233703
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\FocusInteractive
Key Found : HKLM\Software\Fun Web Products
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EDBB298-8B70-4E83-B594-C6CC17C6D96A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95D6D737-96CC-4F0A-AA86-BA81D264D255}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DE4F73F-1468-4FC8-9623-771F8BBB8CDD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Found : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03CF7794-BB49-4995-B1B0-A21190F01DF4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F28F9852-5AF7-4A5F-8694-EAD119F1A9FB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FDC2A269-D3AD-4895-8366-C6D442B24F82}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4shared.com Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zynga Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\MyWebSearch
Key Found : HKLM\Software\Search Settings
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\Software\Vuze_Remote
Key Found : HKLM\Software\Wajam
Key Found : HKLM\Software\Zynga
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Found : HKU\S-1-5-21-3017558816-1494471094-2194061350-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKU\S-1-5-21-3017558816-1494471094-2194061350-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{05478A66-EDB6-4A22-A870-A5987F80A7DA}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{05478A66-EDB6-4A22-A870-A5987F80A7DA}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Icyfyre\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [19692 octets] - [17/02/2013 13:10:38]

########## EOF - C:\AdwCleaner[R1].txt - [19753 octets] ##########



#6 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,076 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:03 AM

Posted 17 February 2013 - 03:24 PM

Please rerun AdwCleaner with the Delete option and post the resulting log.

When done let me know what problems you still have left.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#7 Icyfyre

Icyfyre
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 17 February 2013 - 04:33 PM

Everything seems to be running well! Google no longer takes me to random websites and the computer's speed is back up to what it was a few days ago.

 

# AdwCleaner v2.112 - Logfile created 02/17/2013 at 13:41:22
# Updated 10/02/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Icyfyre - ICYFYRE-PC
# Boot Mode : Normal
# Running from : C:\Users\Icyfyre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1CJQQ85\AdwCleaner (1).exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Application Updater
Stopped & Deleted : WajamUpdater

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\4shared.com
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\Program Files\MyWebSearch
Folder Deleted : C:\Program Files\Vuze Remote toolbar
Folder Deleted : C:\Program Files\Vuze_Remote
Folder Deleted : C:\Program Files\Wajam
Folder Deleted : C:\Program Files\Zynga
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Icyfyre\AppData\Local\Conduit
Folder Deleted : C:\Users\Icyfyre\AppData\Local\Smartbar
Folder Deleted : C:\Users\Icyfyre\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Icyfyre\AppData\Local\Wajam
Folder Deleted : C:\Users\Icyfyre\AppData\LocalLow\4shared.com
Folder Deleted : C:\Users\Icyfyre\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Icyfyre\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Icyfyre\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Icyfyre\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Icyfyre\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Icyfyre\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Icyfyre\AppData\LocalLow\Vuze Remote
Folder Deleted : C:\Users\Icyfyre\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Icyfyre\AppData\LocalLow\Zynga
Folder Deleted : C:\Users\Icyfyre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\4shared.com
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Deleted : HKCU\Software\AppDataLow\Software\Zynga
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{69517302-6571-4D2B-8F9A-9ACA38B82A43}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\4shared.com Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vuze_Remote Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Zynga Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{69517302-6571-4D2B-8F9A-9ACA38B82A43}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{69517302-6571-4D2B-8F9A-9ACA38B82A43}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F28F9852-5AF7-4A5F-8694-EAD119F1A9FB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDC2A269-D3AD-4895-8366-C6D442B24F82}
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SmartbarBackup
Key Deleted : HKCU\Software\SmartbarLog
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKLM\Software\4shared.com
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03CF7794-BB49-4995-B1B0-A21190F01DF4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69517302-6571-4D2B-8F9A-9ACA38B82A43}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F28F9852-5AF7-4A5F-8694-EAD119F1A9FB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDC2A269-D3AD-4895-8366-C6D442B24F82}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2233703
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\FocusInteractive
Key Deleted : HKLM\Software\Fun Web Products
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EDBB298-8B70-4E83-B594-C6CC17C6D96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95D6D737-96CC-4F0A-AA86-BA81D264D255}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DE4F73F-1468-4FC8-9623-771F8BBB8CDD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03CF7794-BB49-4995-B1B0-A21190F01DF4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F28F9852-5AF7-4A5F-8694-EAD119F1A9FB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FDC2A269-D3AD-4895-8366-C6D442B24F82}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4shared.com Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zynga Toolbar
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\MyWebSearch
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\Vuze_Remote
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\Software\Zynga
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{05478A66-EDB6-4A22-A870-A5987F80A7DA}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{05478A66-EDB6-4A22-A870-A5987F80A7DA}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Icyfyre\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [19823 octets] - [17/02/2013 13:10:38]
AdwCleaner[S1].txt - [18872 octets] - [17/02/2013 13:41:22]

########## EOF - C:\AdwCleaner[S1].txt - [18933 octets] ##########



#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,076 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:03 AM

Posted 18 February 2013 - 03:11 AM

I'm glad to hear that! :)

Could you please rerun DDS and this time check the option for attach.txt as well, post me both logs (no need to attach them, just paste them into the reply box)


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#9 Icyfyre

Icyfyre
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 18 February 2013 - 10:56 AM

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16464  BrowserJavaVersion: 1.6.0_06
Run by Icyfyre at 8:48:05 on 2013-02-18
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2939.1215 [GMT -7:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\ProgramData\DatacardService\DCService.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton Security Suite\Engine\6.4.1.14\ccSvcHst.exe
C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Norton Security Suite\Engine\6.4.1.14\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\FixCleaner\FixCleaner.exe
C:\Windows\system32\taskeng.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\DriverUpdate\DriverUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Program Files\Real\realplayer\Update\realsched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\igfxext.exe
C:\ProgramData\Cricket Broadband EC1705\userdata\ouc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll
BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\6.4.1.14\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\6.4.1.14\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
BHO: IEHlprObj Class: {8CA5ED52-F3FB-4414-A105-2E3491156990} - c:\program files\iwin games\iWinGamesHookIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Privacy Safeguard BHO: {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - c:\program files\privacysafeguard\PrivacySafeGuard.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\6.4.1.14\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\6.4.1.14\coieplg.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [HW_OPENEYE_OUC_Cricket Broadband EC1705] "c:\program files\cricket broadband ec1705\updatedog\ouc.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [NDSTray.exe] NDSTray.exe
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Conime] c:\windows\system32\conime.exe
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [IJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.exe
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [BackupNowEZtray] "c:\program files\nti\nti backup now ez\BackupNowEZtray.exe" -k
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: NoThumbnailCache = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: netzero.com
Trusted Zone: netzero.net
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: NameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{9202F140-B62C-4A6E-9E3F-3275DE1C6B69} : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{9A244977-5B2A-415B-AD3B-59762EEFBAC8} : DHCPNameServer = 8.8.8.8
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs=  
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0604010.00e\symds.sys [2013-2-5 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0604010.00e\symefa.sys [2013-2-5 924320]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-2-16 33112]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.1.2.10\definitions\bashdefs\20130208.001\BHDrvx86.sys [2013-2-12 997464]
R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\n360\0604010.00e\ccsetx86.sys [2013-2-5 132768]
R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2012-9-3 35064]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-10-5 65584]
R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2012-11-14 35592]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.1.2.10\definitions\ipsdefs\20130215.002\IDSvix86.sys [2013-2-15 386720]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-4-20 20384]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0604010.00e\ironx86.sys [2013-2-5 149624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0604010.00e\symtdiv.sys [2013-2-5 345208]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960]
R2 DCService.exe;DCService.exe;c:\programdata\datacardservice\DCService.exe [2009-12-22 225280]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2012-11-15 527728]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2012-11-14 389488]
R2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2010-9-27 176408]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\6.4.1.14\ccsvchst.exe [2013-2-5 138272]
R2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;c:\program files\nti\nti backup now ez\BackupNowEZSvr.exe [2011-9-23 45592]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2008-8-18 46392]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\14.2.0\ToolbarUpdater.exe [2013-2-16 968880]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-11-11 106656]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-18 7168]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2011-5-18 70656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-11-10 193640]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2012-11-14 35592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\EKAiOHostService.exe [2011-3-9 366000]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2011-5-18 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-5-18 116736]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-28 25112]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2009-4-20 954368]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 SVRPEDRV;SVRPEDRV;c:\windows\system32\sysprep\PEDRV.SYS [2008-8-21 9216]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2012-11-9 13024]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-02-17 21:01:19 -------- d-----w- c:\users\icyfyre\appdata\local\AVG Secure Search
2013-02-17 20:42:36 115 ----a-w- c:\windows\DeleteOnReboot.bat
2013-02-17 02:18:50 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2013-02-17 02:12:39 -------- d-----w- c:\programdata\Comodo
2013-02-17 02:11:56 -------- d-----w- c:\program files\COMODO
2013-02-17 02:11:54 1060864 ----a-w- c:\windows\system32\mfc71.dll
2013-02-17 02:11:53 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2013-02-17 00:04:04 -------- d-----w- c:\programdata\Sophos
2013-02-17 00:02:33 73728 ----a-r- c:\users\icyfyre\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-02-17 00:02:33 73728 ----a-r- c:\users\icyfyre\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-02-17 00:02:33 73728 ----a-r- c:\users\icyfyre\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\ARPPRODUCTICON.exe
2013-02-17 00:02:11 -------- d-----w- c:\program files\Sophos
2013-02-16 23:50:42 -------- d-----w- c:\users\icyfyre\appdata\roaming\Malwarebytes
2013-02-16 23:50:26 -------- d-----w- c:\programdata\Malwarebytes
2013-02-16 23:50:25 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-16 23:50:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-16 23:40:18 -------- d-----w- c:\users\icyfyre\appdata\local\AVG SafeGuard toolbar
2013-02-16 23:40:06 -------- d-----w- c:\programdata\AVG SafeGuard toolbar
2013-02-16 23:39:54 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-02-16 23:39:51 -------- d-----w- c:\program files\common files\AVG Secure Search
2013-02-16 23:39:50 -------- d-----w- c:\program files\AVG SafeGuard toolbar
2013-02-16 23:39:05 -------- d--h--w- c:\programdata\Common Files
2013-02-13 15:17:07 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 15:10:24 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-13 15:10:14 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 15:09:53 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 15:09:53 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-06 03:36:48 924320 ----a-w- c:\windows\system32\drivers\n360\0604010.00e\symefa.sys
2013-02-06 03:36:48 345208 ----a-r- c:\windows\system32\drivers\n360\0604010.00e\symtdiv.sys
2013-02-06 03:36:48 340088 ----a-r- c:\windows\system32\drivers\n360\0604010.00e\symds.sys
2013-02-06 03:36:48 32928 ----a-w- c:\windows\system32\drivers\n360\0604010.00e\srtspx.sys
2013-02-06 03:36:48 318584 ----a-r- c:\windows\system32\drivers\n360\0604010.00e\symnets.sys
2013-02-06 03:36:47 574112 ----a-w- c:\windows\system32\drivers\n360\0604010.00e\srtsp.sys
2013-02-06 03:36:47 149624 ----a-r- c:\windows\system32\drivers\n360\0604010.00e\ironx86.sys
2013-02-06 03:36:47 132768 ----a-w- c:\windows\system32\drivers\n360\0604010.00e\ccsetx86.sys
2013-02-06 03:36:31 8942 ----a-w- c:\windows\system32\drivers\n360\0604010.00e\symvtcer.dat
2013-02-06 03:36:31 -------- d-----w- c:\windows\system32\drivers\n360\0604010.00E
.
==================== Find3M  ====================
.
2013-02-18 15:40:01 13024 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-02-16 23:17:26 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-16 23:17:26 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-24 18:24:15 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-12-24 18:24:15 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH:  8:53:07.96 ===============
 

 

Attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/20/2009 7:48:35 AM
System Uptime: 2/18/2013 8:37:45 AM (0 hours ago)
.
Motherboard: TOSHIBA |  | Portable PC
Processor: Intel® Pentium® Dual  CPU  T3400  @ 2.16GHz | CPU | 2166/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 224 GiB total, 56.174 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
 Millennium  A New Hope
 Update for Microsoft Office 2007 (KB2508958)
7-Zip 4.65
A Gypsy's Tale:  The Tower of Secrets (remove only)
A Vampire Romance - Paris Stories
AC3Filter (remove only)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01)
Adobe Shockwave Player 11.5
aioprnt
aioscnnr
Alice in Wonderland (remove only)
Amazon MP3 Downloader 1.0.12
Angel Code- A Linda Hyde Mystery
Anime Zodiac Free Screensaver (remove only)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Are You Smarter Than A 5th Grader (remove only)
Atheros Driver Installation Program
Atheros Wi-Fi Protected Setup Library
AVG SafeGuard toolbar
Big Fish Games: Game Manager
Blood and Ruby New 1.00
Blood and Ruby v2
Bloodline of the Fallen Anna's Sacrifice
Bonjour
Book of Legends (remove only)
Camera Assistant Software for Toshiba
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 3.1
Canon MX340 series MP Drivers
Canon MX340 series User Registration
Canon Speed Dial Utility
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CD/DVD Drive Acoustic Silencer
CDisplay 1.8
center
Charlaine Harris Dying for Daylight 1.00
Chronicles of Albian - The Magic Convention
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Compatibility Pack for the 2007 Office system
Cricket Broadband EC1705
Dark Parables-The Exiled Prince Collector's Edition
Dark Tales - Edgar Allan Poes Murders in the Rue Morgue Collectors Edition
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
Dracula Love Kills Collectors Edition 1.00
Dreamland
DriverUpdate
DVD MovieFactory for TOSHIBA
Echoes of Sorrow
Empress of the Deep 2 Song of Blue Whale CE
essentials
Fairy Tales Iridescence Village
FixCleaner
For The Morning Sun
Ghost Town Mysteries: Bodie (remove only)
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPL MPEG-1/2 DirectShow Decoder Filter
Graboid Video 1.65
Guardian Dragons
Guardians of Magic - Amanda's Awakening
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotspot Shield 2.78
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
iWin Games (remove only)
Jane Angel: Templar Mystery (remove only)
Jane Austen - Pride and Prejudice
Java 7 Update 13
Java Auto Updater
Java™ 6 Update 6
Jisei 1
Junk Mail filter update
Kodak AIO Printer
KODAK AiO Software
Letters from Nowhere
Letters from Nowhere (remove only)
Letters from Nowhere 2
Love & Death ™: Bitten ™
Love and Death - Bitten
Maestro - Music of Death Collector's  BugFix
Malwarebytes Anti-Malware version 1.70.0.1100
Margrave - The Curse of the Severed Heart CE
McAfee Security Scan Plus
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft XML Parser
Miss Chic 2 - Romantic Girl
Miss Popularity (remove only)
Monopoly 2012
Morrowind
Move Media Player
MSVCRT
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Murder Island - Secret of Tantalus
My Kingdom for the Princess (remove only)
Mystery Agency - A Vampires Kiss
Mystery Legends - Sleepy Hollow 1.00
Mystery Series - A Vampire Tale
Nancy Drew® - The Haunting of Castle Malloy
Nightfall Mysteries 2:  Asylum Conspiracy (remove only)
Nora Roberts Vision In White
Norton Security Suite
NTI Backup Now EZ
NVIDIA PhysX v8.10.29
ocr
Origin
Our Worst Fears - Stained Skin
Picasa 3
PreReq
Pride & Prejudice - Hidden Anthologies
Privacy SafeGuard version 1.1
Project64 1.6
QuickTime
RE: Alistair++ 1
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Reimage SmartBar
Righteous Kill (remove only)
Ripples 1
Royal Trouble
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Shades of Death - Royal Blood
Shiver - Vanishing Hitchhiker Collector's Edition
Slingo Mystery (remove only)
Slingo Quest Egypt
Slingo Supreme (remove only)
Sophos Virus Removal Tool
Soul Journey
Spelling Dictionaries Support For Adobe Reader 8
Sphera
Spirited Heart Demo
Super Mario All-Stars & World
Super Mario World
Synaptics Pointing Device Driver
TES Construction Set
The Flower Shop - Winter In Fairbrook V2
THE GAME OF LIFE
The Game Of Life by Hasbro
The Hidden Prophecies of Nostradamus (remove only)
The Revenge
The Sims™ 3
The Sims™ 3 Late Night
The Stroke of Midnight and Guide
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Desktop Links
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA Recovery Disc Creator
Toshiba Registration
TOSHIBA Service Station
TOSHIBA Software Modem
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
Twilight City Love as a Cure
Twisted Lands: Shadow Town: Collector's Edition (remove only)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.762
VideoLAN VLC media player 0.8.6d
Vuze
Vuze Remote Toolbar v6.9
Wedding Salon
WildTangent Games App (HP Games)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Encoder 9 Series
Women's Murder Club  Death in Scarlet (remove only)
Womens Murder Club Twice in a Blue Moon
Zodiac Prophecies - The Serpent Bearer With Guide
.
==== End Of File ===========================
 



#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,076 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:03 AM

Posted 18 February 2013 - 11:37 AM

That all looks good! Lets do one last scan before calling it clean. smile.png

ESET ONLINE SCANNER
----------------------------
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#11 Icyfyre

Icyfyre
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 18 February 2013 - 11:40 PM

C:\Windows\Installer\7e2c2.msi probably a variant of Win32/Toolbar.Widgi application 
C:\Users\Icyfyre\AppData\Local\Apple Computer\CrashDumps\owhadxih.dll a variant of Win32/Kryptik.AUQC trojan cleaned by deleting - quarantined
C:\Program Files\Windows Live\Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files\Windows Live\Messenger\riched20.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_21.37.28\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\Users\Icyfyre\AppData\Local\Google\Chrome\User Data\Default\Default\aaggdcgbdddhdddigedddedidedddfde\background.js Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\Icyfyre\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\36cc4c3a-1aa8916a probably a variant of Java/Agent.AV trojan deleted - quarantined
 



#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,076 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:03 AM

Posted 19 February 2013 - 02:46 AM

That cleaned up also the last traces of malware. smile.png

ALL CLEAN
--------------
Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean smile.png

Please do the following to remove the remaining programs from your PC:

 

  • You can remove the tools and logs by right-clicking and selecting delete.

 

  • Please read the following advice on how to prevent reinfecting your PC:
    • Install and update the following programs regularly:
    • an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
      A comprehensive tutorial and a list of possible firewalls can be found here.
    • an AntiVirus Software
      It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
  • Keep Windows (and your other Microsoft software) up to date!
    I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.
    Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!
  • Keep your other software up to date as well
    Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine.
  • Stay up to date!
    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.
  • Some more links you might find of interest:

Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,076 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:03 AM

Posted 12 April 2013 - 09:09 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users