
Trojan.Zeroaccess!inf4 removal?


  • This topic is locked
11 replies to this topic

#1 cody56

Posted 23 April 2013 - 08:35 AM

Hey guys. I'm the IT dept for my company and an employee has somehow gotten this virus on his computer. I tried the Trojan Removal tool that Symantec recommended but it couldn't find the virus. Anyone else had success in removing this? Thanks in advance.

 




 


#2 CatByte


Posted 24 April 2013 - 11:24 AM

Please do the following:

Please download DDS from either of these links

LINK 1

LINK 2

and save it to your desktop.

  • Disable any script blocking protection
  • Double click dds to run the tool.
  • When done, two DDS.txt's will open.
  • Save both reports to your desktop.

---------------------------------------------------

Please include the contents of the following in your next reply:

DDS.txt

Attach.txt.

NEXT

Please download aswMBR to your desktop.

  • Double click the aswMBR.exe icon to run it
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well


Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 cody56


Posted 01 May 2013 - 02:35 PM

dds.txt

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476
Run by Brooks at 10:24:36 on 2013-04-29
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8191.3745 [GMT -5:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Windows\system32\svchost.exe -k bthaudiosvc
C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Softland\FBackup 4\fbaSched.exe
C:\Windows\Explorer.EXE
C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Windows\System32\vds.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Windows Live\Companion\companionuser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\AutoCAD 2004\acad.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\WSCommCntr1.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
C:\Users\Brooks\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Brooks\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mURLSearchHooks: FreemakeGold Toolbar: {1d053bb5-c922-44e3-9910-66585f017505} - C:\Program Files (x86)\FreemakeGold\prxtbFree.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: FreemakeGold Toolbar: {1d053bb5-c922-44e3-9910-66585f017505} - C:\Program Files (x86)\FreemakeGold\prxtbFree.dll
BHO: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Spam Free Search Helper Object: {BAE35237-8D73-44D0-905C-8A95EA1E7E69} - C:\Program Files (x86)\blekko\spamfreesearch\1.6.9.1\bh\spamfreesearch.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: FreemakeGold Toolbar: {1D053BB5-C922-44E3-9910-66585F017505} - C:\Program Files (x86)\FreemakeGold\prxtbFree.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Spam Free Search Toolbar: {EECF410C-006C-4A05-AD13-6741A0814DBF} - C:\Program Files (x86)\blekko\spamfreesearch\1.6.9.1\spamfreesearchTlbr.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: FreemakeGold Toolbar: {1d053bb5-c922-44e3-9910-66585f017505} - C:\Program Files (x86)\FreemakeGold\prxtbFree.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [FBackup Scheduler] <no file>
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
mRun: [SolidWorks_CheckForUpdates] "C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe" /scheduler
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
mRun: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} - hxxp://wago.partcommunity.com/PARTcommunity/static/all/cnsViewer3D/cnsweb3d.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://www.opentopia.com/support/activex/AxisCamControl.cab
DPF: {9B479D7B-916A-45B0-B042-D42865A60E21} - hxxp://trophycam.myq-see.com/DvrOcx.cab
DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} - hxxp://192.168.0.30/plugin/h263ctrl.cab
DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} - hxxp://aknisley.homeip.net/cab/OCXChecker_8310.cab
DPF: {B9940246-4344-4D1B-BD82-DBAF7E657FF9} - hxxp://p.viewnetcam.com:60001/SysCamInst.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FAA26872-BB40-4AB2-8A6D-A49183581AAA} - hxxp://70.167.100.164/user/TSBnwCam.CAB
DPF: {FE92D9C3-4A69-4EC7-8651-1DC8531D0075} - hxxp://24.97.183.50/user/TSBnwCam.CAB
TCP: NameServer = 172.29.135.19
TCP: Interfaces\{C8451577-169B-414C-9751-86FEBA2F0609} : DHCPNameServer = 172.29.135.19
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-12-5 55856]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1403010.016\symds64.sys [2013-4-8 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1403010.016\symefa64.sys [2013-4-8 1139800]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130412.001\BHDrvx64.sys [2013-4-12 1390680]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1403010.016\ccsetx64.sys [2013-4-8 168096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130426.001\IDSviA64.sys [2013-4-26 513184]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1403010.016\ironx64.sys [2013-4-8 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1403010.016\symnets.sys [2013-4-8 432800]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-12-5 92160]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-1-21 100864]
R2 HFGService;Handsfree Headset Service;C:\Windows\System32\svchost.exe -k bthaudiosvc [2009-7-13 27136]
R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2010-7-8 25824]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccsvchst.exe [2013-4-8 144520]
R2 Remote Solver for Flow Simulation 2009;Remote Solver for Flow Simulation 2009;C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2008-9-3 248104]
R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-12-5 656624]
R2 XMouseButton Launcher;XMouseButton Launcher;C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [2010-3-28 84480]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-3-26 138912]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-6-10 166384]
S2 SessionLauncher;SessionLauncher;C:\Users\Brooks\AppData\Local\Temp\DX9\SessionLauncher.exe --> C:\Users\Brooks\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-4-29 32768]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 BthAudioHF;BthAudioHF Service;C:\Windows\System32\drivers\BthAudioHF.sys [2009-12-21 52224]
S3 BthAvrcp;Bluetooth AVRCP Profile;C:\Windows\System32\drivers\BthAvrcp.sys [2009-8-13 29184]
S3 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86;C:\Windows\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [2009-10-7 129856]
S3 clr_optimization_v4.0.21006_64;Microsoft .NET Framework NGEN v4.0.21006_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.21006\mscorsvw.exe [2009-10-7 138560]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2008-9-9 79144]
S3 csr_a2dp;Bluetooth AV Profile;C:\Windows\System32\drivers\bthav.sys [2009-12-21 78848]
S3 EuDisk;EASEUS Disk Enumerator;C:\Windows\System32\drivers\EuDisk.sys [2010-9-13 137608]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-25 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-6-10 1124848]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-8-1 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-30 1255736]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.21006\WPF\WPFFontCache_v0400.exe [2009-10-7 1007448]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2010-7-30 29288]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2010-7-30 29288]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys [2010-7-30 29288]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys [2010-7-30 29288]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys [2010-7-30 29288]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-6-10 309744]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile="C:\Windows\notepad.exe" "%1"
FileExt: .vbs: VBSFile=C:\Windows\System32\WScript.exe "%1" %* [UserChoice]
.
=============== Created Last 30 ================
.
2013-04-24 11:50:44 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-22 14:38:18 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys
2013-04-10 11:23:43 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-04-10 11:23:43 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-04-10 11:23:43 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-04-10 11:23:43 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-04-10 11:23:43 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-04-10 11:23:43 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-04-10 11:23:40 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-10 11:22:51 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-10 11:22:48 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-10 11:22:47 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-04-10 11:22:47 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-10 11:22:47 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-10 11:22:47 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-04-10 11:22:47 112640 ----a-w- C:\Windows\System32\smss.exe
2013-04-09 00:00:09 796248 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\srtsp64.sys
2013-04-09 00:00:09 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\symds64.sys
2013-04-09 00:00:09 432800 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\symnets.sys
2013-04-09 00:00:09 36952 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\srtspx64.sys
2013-04-09 00:00:09 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1403010.016\symelam.sys
2013-04-09 00:00:09 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\symefa64.sys
2013-04-09 00:00:08 224416 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\ironx64.sys
2013-04-09 00:00:08 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\ccsetx64.sys
2013-04-08 23:59:44 -------- d-----w- C:\Windows\System32\drivers\N360x64\1403010.016
.
==================== Find3M ====================
.
2013-03-21 17:54:12 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-03-13 13:52:29 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 13:52:29 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-12 04:12:06 19968 ----a-w- C:\Windows\System32\drivers\usb8023x.sys
2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
.
============= FINISH: 10:25:10.70 ===============

 

 

 

attach.txt

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 12/10/2009 1:20:11 PM
System Uptime: 4/25/2013 3:30:12 AM (103 hours ago)
.
Motherboard: Dell Inc. | | 0M017G
Processor: Intel® Core™2 Quad CPU Q9400 @ 2.66GHz | CPU 1 | 2002/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 687 GiB total, 546.952 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 373 GiB total, 294.367 GiB free.
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP920: 4/25/2013 3:00:11 AM - Windows Update
RP921: 4/26/2013 3:00:24 AM - Windows Update
RP922: 4/27/2013 3:00:10 AM - Windows Update
RP923: 4/28/2013 3:00:10 AM - Windows Update
RP924: 4/29/2013 3:00:10 AM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
2007 Microsoft Office system
232Analyzer
50 FREE MP3s +1 Free Audiobook!
7-Zip 9.10 (x64 edition)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Advanced IP Scanner v1.5
Aimersoft Media Converter(Build 1.4.2.1)
Amazon Unbox Video
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
AutoCAD 2004
Autodesk Express Viewer
AxCrypt (Remove Only)
Banctec Service Agreement
Bing Bar
BlackBerry Desktop Software 4.0.1
Bonjour
Business Contact Manager for Outlook 2007 SP2
CADENAS PARTwebViewer
Cloudy Video Converter version 3.01
Crystal Reports for Visual Studio
Cucusoft Ultimate DVD + Video Converter Suite 7.7.7.6
CutePDF Writer 2.8
D3DX10
D9-Viewer V1.1.9.42
Dashwire
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Dock
Dell Driver Download Manager
Dell Edoc Viewer
Dell Getting Started Guide
Dell Support Center (Support Software)
DeLorme Topo USA 8.0
DirectXInstallService
doPDF 7.3 printer
Dotfuscator Software Services - Community Edition
Draw 4 App
DWGeditor
EchoLink
EMCGadgets64
FBackup 4
Foxit Reader
Free WMA to MP3 Converter 1.16
Freemake Video Converter version 3.2.1
FreemakeGold Toolbar
Garmin Communicator Plugin
Garmin USB Drivers
Garmin WebUpdater
GeoVision ADPCM
GeoVision H264
GeoVision JPEG
GeoVision MPEG2
GeoVision MPEG4
GeoVision MPEG4 ASP
GeoVision MPEG4 AVC
Google Apps
Google Chrome
Google Earth
Google Quick Search Box
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
iTunes
Japanese Fonts Support For Adobe Reader X
Java Auto Updater
Java™ 6 Update 14 (64-bit)
Java™ 6 Update 24
Junk Mail filter update
Kensington Share Central
KONICA MINOLTA Universal PS
Loki ActiveX Control
LuxRiot Digital Video Recorder 1.7.1
Memeo AutoSync
Memeo Instant Backup
Memeo Send
Memeo Share
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile Beta 2
Microsoft .NET Framework 4 Extended Beta 2
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Help 3.0 Beta 2
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Development Tools for Visual Studio 2010 (x64)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft SharePoint Development Tools
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 Beta English
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 Beta (x64)
Microsoft Sync Framework SDK v1.0 SP1 Beta
Microsoft Sync Framework Services v1.0 SP1 Beta (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 Beta (x64)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 Beta 2 x64 Designtime - 10.0.21006
Microsoft Visual C++ 2010 Beta 2 x64 Runtime - 10.0.21006
Microsoft Visual C++ 2010 Beta 2 x86 Runtime - 10.0.21006
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual F# Runtime 1.0
Microsoft Visual Studio 2005 Tools for Applications - ENU
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Beta 2
Microsoft Visual Studio 2010 Professional Beta 2 - ENU
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio Macro Tools
Morgan Multimedia Motion JPEG Codec 3.0.0.9
MorsePlay 1.1
MSVC80_x64
MSVC80_x86
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network Updater
Norton 360
NVIDIA Drivers
Pad2Pad 1.9.72
PC Connectivity Solution
PhotoView 360
Picasa 3
PL-2303 USB-to-Serial
PowerDVD DX
QuickTime
R-Studio 5.1
Radio Mobile
RadioWORKS
Realtek High Definition Audio Driver
Recuva
Roxio Activation Module
Roxio CinePlayer Decoder Pack
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Premier
Roxio Creator Premier 10
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Seagate Dashboard
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit)
Skype™ for Windows Mobile 3.0
SmartDraw 2012
SmartPhone Viewer V3
SolidWorks 2009 x64 Edition SP0
SolidWorks eDrawings 2009
SolidWorks Explorer 2009 sp0 x64 Edition
SolidWorks Flow Simulation 2009 SP0 x64 Edition
SolidWorks Motion 2009 SP0 x64 Edition
SolidWorks Simulation 2009 SP0 x64 Edition
Spam Free Search Toolbar
SQL Server 2008 R2 Management Objects
Sql Server Customer Experience Improvement Program
SQL Server System CLR Types
SUPERAntiSpyware
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VD64Inst
Visual C++ 2008 Runtime (x64)
Visual Studio 2010 Beta 2 Tools for SQL Server Compact ENU
Visual Studio 2010 Prerequisites - English
Web Deployment Tool
WildTangent Games
Winamp
Winamp Detector Plug-in
Winamp Remote
Winamp Toolbar
Wincore MediaBar
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Center
X-Mouse Button Control 1.50
.
==== Event Viewer Messages From Past Week ========
.
4/25/2013 7:02:33 AM, Error: XMouseButton Launcher [0] -
4/25/2013 3:31:47 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
4/25/2013 3:31:32 AM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified.
4/25/2013 3:31:27 AM, Error: Service Control Manager [7009] - A timeout was reached (120000 milliseconds) while waiting for the Roxio Hard Drive Watcher 10 service to connect.
4/22/2013 9:39:17 AM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress.
.
==== End Of File ===========================

 

 

The Avast scan kept crashing at a file that it thought was infected. The file I attached was saved before it crashed, so probably mostly useless.

Attached Files

  • Attached File  MBR.zip   570bytes   0 downloads


#4 CatByte

Posted 01 May 2013 - 05:04 PM

Please run the following:

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • When the window opens, click on Change Parameters
  • Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • click OK
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • If TDLFS File System/TDSS File system is found then ensure Cure is selected (if cure is not available, choose skip)
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

NEXT


Refer to the ComboFix User's Guide
  • Download ComboFix from the following location:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------
NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 CatByte

Posted 09 May 2013 - 08:16 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



#6 CatByte

Posted 10 May 2013 - 01:22 PM

This topic has been re-opened at the request of the person who originally posted.



#7 cody56

Posted 10 May 2013 - 02:40 PM

Thank you CatByte. Sorry it took me so long.

 

TDSSKiller Report:

 

13:08:41.0646 28276 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:08:42.0040 28276 ============================================================
13:08:42.0040 28276 Current date / time: 2013/05/10 13:08:42.0040
13:08:42.0040 28276 SystemInfo:
13:08:42.0040 28276
13:08:42.0041 28276 OS Version: 6.1.7601 ServicePack: 1.0
13:08:42.0041 28276 Product type: Workstation
13:08:42.0041 28276 ComputerName: BROOKS-STUDIO
13:08:42.0041 28276 UserName: Brooks
13:08:42.0041 28276 Windows directory: C:\Windows
13:08:42.0041 28276 System windows directory: C:\Windows
13:08:42.0041 28276 Running under WOW64
13:08:42.0041 28276 Processor architecture: Intel x64
13:08:42.0041 28276 Number of processors: 4
13:08:42.0041 28276 Page size: 0x1000
13:08:42.0041 28276 Boot type: Normal boot
13:08:42.0041 28276 ============================================================
13:08:43.0287 28276 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:08:43.0307 28276 Drive \Device\Harddisk1\DR1 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBD435, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
13:08:43.0323 28276 Drive \Device\Harddisk6\DR6 - Size: 0x1DD180000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:08:43.0326 28276 ============================================================
13:08:43.0326 28276 \Device\Harddisk0\DR0:
13:08:43.0326 28276 MBR partitions:
13:08:43.0326 28276 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x175F000
13:08:43.0326 28276 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x177E800, BlocksNum 0x55DC7000
13:08:43.0326 28276 \Device\Harddisk1\DR1:
13:08:43.0332 28276 MBR partitions:
13:08:43.0332 28276 \Device\Harddisk6\DR6:
13:08:43.0333 28276 MBR partitions:
13:08:43.0333 28276 \Device\Harddisk6\DR6\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0xEE8BE0
13:08:43.0333 28276 ============================================================
13:08:43.0356 28276 C: <-> \Device\Harddisk0\DR0\Partition2
13:08:43.0356 28276 ============================================================
13:08:43.0356 28276 Initialize success
13:08:43.0356 28276 ============================================================
13:08:51.0517 17388 ============================================================
13:08:51.0517 17388 Scan started
13:08:51.0517 17388 Mode: Manual; TDLFS;
13:08:51.0517 17388 ============================================================
13:08:52.0040 17388 ================ Scan system memory ========================
13:08:52.0040 17388 System memory - ok
13:08:57.0071 17388 GameConsoleService - ok
13:08:57.0085 17388 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:08:57.0086 17388 GEARAspiWDM - ok
13:08:57.0103 17388 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
13:08:57.0103 17388 GoToAssist - ok
13:08:57.0151 17388 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:08:57.0156 17388 gpsvc - ok
13:08:57.0189 17388 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
13:08:57.0190 17388 grmnusb - ok
13:08:57.0231 17388 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:08:57.0232 17388 gupdate - ok
13:08:57.0242 17388 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:08:57.0243 17388 gupdatem - ok
13:08:57.0282 17388 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:08:57.0283 17388 gusvc - ok
13:08:57.0299 17388 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:08:57.0300 17388 hcw85cir - ok
13:08:57.0330 17388 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:08:57.0331 17388 HDAudBus - ok
13:08:57.0384 17388 [ EE8C05F926521A0E24EDAF40F45D01E6 ] HFGService C:\Windows\System32\HFGService.dll
13:08:57.0387 17388 HFGService - ok
13:08:57.0400 17388 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:08:57.0401 17388 HidBatt - ok
13:08:57.0422 17388 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:08:57.0423 17388 HidBth - ok
13:08:57.0448 17388 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:08:57.0449 17388 HidIr - ok
13:08:57.0469 17388 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
13:08:57.0470 17388 hidserv - ok
13:08:57.0508 17388 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
13:08:57.0509 17388 HidUsb - ok
13:08:57.0700 17388 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:08:58.0020 17388 hkmsvc - ok
13:08:58.0049 17388 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:08:58.0051 17388 HomeGroupListener - ok
13:08:58.0062 17388 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:08:58.0065 17388 HomeGroupProvider - ok
13:08:58.0094 17388 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:08:58.0095 17388 HpSAMD - ok
13:08:58.0139 17388 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:08:58.0143 17388 HTTP - ok
13:08:58.0155 17388 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:08:58.0155 17388 hwpolicy - ok
13:08:58.0175 17388 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:08:58.0175 17388 i8042prt - ok
13:08:58.0294 17388 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:08:58.0297 17388 iaStor - ok
13:08:58.0322 17388 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:08:58.0325 17388 iaStorV - ok
13:08:58.0358 17388 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:08:58.0362 17388 idsvc - ok
13:08:58.0485 17388 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130509.001\IDSvia64.sys
13:08:58.0489 17388 IDSVia64 - ok
13:08:58.0511 17388 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:08:58.0511 17388 iirsp - ok
13:08:58.0537 17388 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:08:58.0541 17388 IKEEXT - ok
13:08:58.0645 17388 [ F2B52C7B1C8E6A4FC4C4564F4A421F23 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:08:58.0655 17388 IntcAzAudAddService - ok
13:08:58.0670 17388 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:08:59.0021 17388 intelide - ok
13:08:59.0098 17388 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:08:59.0099 17388 intelppm - ok
13:08:59.0120 17388 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:08:59.0122 17388 IPBusEnum - ok
13:08:59.0153 17388 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:08:59.0154 17388 IpFilterDriver - ok
13:08:59.0196 17388 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:08:59.0201 17388 iphlpsvc - ok
13:08:59.0231 17388 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:08:59.0232 17388 IPMIDRV - ok
13:08:59.0250 17388 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:08:59.0251 17388 IPNAT - ok
13:08:59.0316 17388 [ E94503089DF8976F5C4C9D5168E9765F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:08:59.0321 17388 iPod Service - ok
13:08:59.0331 17388 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:08:59.0332 17388 IRENUM - ok
13:08:59.0363 17388 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:08:59.0364 17388 isapnp - ok
13:08:59.0385 17388 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:08:59.0387 17388 iScsiPrt - ok
13:08:59.0400 17388 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
13:08:59.0401 17388 kbdclass - ok
13:08:59.0415 17388 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
13:08:59.0416 17388 kbdhid - ok
13:08:59.0426 17388 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
13:08:59.0427 17388 KeyIso - ok
13:08:59.0462 17388 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:08:59.0463 17388 KSecDD - ok
13:08:59.0491 17388 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:08:59.0493 17388 KSecPkg - ok
13:08:59.0500 17388 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:08:59.0501 17388 ksthunk - ok
13:08:59.0528 17388 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:08:59.0531 17388 KtmRm - ok
13:08:59.0562 17388 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
13:08:59.0564 17388 LanmanServer - ok
13:08:59.0598 17388 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:08:59.0601 17388 LanmanWorkstation - ok
13:08:59.0624 17388 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:08:59.0624 17388 lltdio - ok
13:08:59.0643 17388 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:09:00.0036 17388 lltdsvc - ok
13:09:00.0049 17388 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:09:00.0050 17388 lmhosts - ok
13:09:00.0063 17388 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:09:00.0064 17388 LSI_FC - ok
13:09:00.0075 17388 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:09:00.0076 17388 LSI_SAS - ok
13:09:00.0088 17388 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:09:00.0089 17388 LSI_SAS2 - ok
13:09:00.0115 17388 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:09:00.0116 17388 LSI_SCSI - ok
13:09:00.0132 17388 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:09:00.0133 17388 luafv - ok
13:09:00.0162 17388 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:09:00.0164 17388 Mcx2Svc - ok
13:09:00.0170 17388 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:09:00.0171 17388 megasas - ok
13:09:00.0184 17388 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:09:00.0186 17388 MegaSR - ok
13:09:00.0294 17388 [ C1C9061B7AFD36442058E13E5C3BCE21 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
13:09:00.0295 17388 MemeoBackgroundService - ok
13:09:00.0310 17388 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:09:00.0311 17388 MMCSS - ok
13:09:00.0323 17388 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:09:00.0324 17388 Modem - ok
13:09:00.0346 17388 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:09:00.0346 17388 monitor - ok
13:09:00.0361 17388 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
13:09:00.0362 17388 mouclass - ok
13:09:00.0381 17388 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:09:00.0382 17388 mouhid - ok
13:09:00.0409 17388 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:09:00.0410 17388 mountmgr - ok
13:09:00.0441 17388 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:09:00.0442 17388 mpio - ok
13:09:00.0457 17388 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:09:00.0458 17388 mpsdrv - ok
13:09:00.0579 17388 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:09:00.0585 17388 MpsSvc - ok
13:09:00.0617 17388 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:09:00.0967 17388 MRxDAV - ok
13:09:01.0037 17388 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:09:01.0038 17388 mrxsmb - ok
13:09:01.0072 17388 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:09:01.0074 17388 mrxsmb10 - ok
13:09:01.0085 17388 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:09:01.0086 17388 mrxsmb20 - ok
13:09:01.0120 17388 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:09:01.0121 17388 msahci - ok
13:09:01.0154 17388 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:09:01.0155 17388 msdsm - ok
13:09:01.0172 17388 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:09:01.0174 17388 MSDTC - ok
13:09:01.0198 17388 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:09:01.0199 17388 Msfs - ok
13:09:01.0207 17388 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:09:01.0207 17388 mshidkmdf - ok
13:09:01.0213 17388 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:09:01.0213 17388 msisadrv - ok
13:09:01.0242 17388 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:09:01.0244 17388 MSiSCSI - ok
13:09:01.0247 17388 msiserver - ok
13:09:01.0266 17388 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:09:01.0267 17388 MSKSSRV - ok
13:09:01.0271 17388 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:09:01.0272 17388 MSPCLOCK - ok
13:09:01.0284 17388 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:09:01.0285 17388 MSPQM - ok
13:09:01.0321 17388 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:09:01.0323 17388 MsRPC - ok
13:09:01.0335 17388 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:09:01.0336 17388 mssmbios - ok
13:09:01.0388 17388 MSSQL$MSSMLBIZ - ok
13:09:01.0418 17388 MSSQL$SQLEXPRESS - ok
13:09:01.0431 17388 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
13:09:01.0431 17388 MSSQLServerADHelper - ok
13:09:01.0491 17388 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
13:09:01.0491 17388 MSSQLServerADHelper100 - ok
13:09:01.0499 17388 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:09:01.0499 17388 MSTEE - ok
13:09:01.0515 17388 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:09:01.0516 17388 MTConfig - ok
13:09:01.0546 17388 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:09:01.0916 17388 Mup - ok
13:09:02.0182 17388 [ 241BD3019FB31E812A51B31B06906335 ] N360 C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
13:09:02.0183 17388 N360 - ok
13:09:02.0216 17388 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:09:02.0220 17388 napagent - ok
13:09:02.0244 17388 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:09:02.0247 17388 NativeWifiP - ok
13:09:02.0329 17388 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130510.003\ENG64.SYS
13:09:02.0331 17388 NAVENG - ok
13:09:02.0370 17388 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130510.003\EX64.SYS
13:09:02.0381 17388 NAVEX15 - ok
13:09:02.0510 17388 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:09:02.0516 17388 NDIS - ok
13:09:02.0533 17388 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:09:02.0534 17388 NdisCap - ok
13:09:02.0560 17388 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:09:02.0918 17388 NdisTapi - ok
13:09:03.0000 17388 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:09:03.0001 17388 Ndisuio - ok
13:09:03.0043 17388 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:09:03.0044 17388 NdisWan - ok
13:09:03.0055 17388 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:09:03.0056 17388 NDProxy - ok
13:09:03.0071 17388 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:09:03.0072 17388 NetBIOS - ok
13:09:03.0104 17388 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:09:03.0106 17388 NetBT - ok
13:09:03.0114 17388 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:09:03.0115 17388 Netlogon - ok
13:09:03.0140 17388 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:09:03.0143 17388 Netman - ok
13:09:03.0225 17388 [ 7A233D169D5F03E202030C14C5BAF843 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.21006\SMSvcHost.exe
13:09:03.0226 17388 NetMsmqActivator - ok
13:09:03.0231 17388 [ 7A233D169D5F03E202030C14C5BAF843 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.21006\SMSvcHost.exe
13:09:03.0232 17388 NetPipeActivator - ok
13:09:03.0241 17388 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:09:03.0245 17388 netprofm - ok
13:09:03.0249 17388 [ 7A233D169D5F03E202030C14C5BAF843 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.21006\SMSvcHost.exe
13:09:03.0250 17388 NetTcpActivator - ok
13:09:03.0254 17388 [ 7A233D169D5F03E202030C14C5BAF843 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.21006\SMSvcHost.exe
13:09:03.0256 17388 NetTcpPortSharing - ok
13:09:03.0270 17388 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:09:03.0271 17388 nfrd960 - ok
13:09:03.0308 17388 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:09:03.0311 17388 NlaSvc - ok
13:09:03.0325 17388 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:09:03.0326 17388 Npfs - ok
13:09:03.0334 17388 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:09:03.0335 17388 nsi - ok
13:09:03.0347 17388 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:09:03.0347 17388 nsiproxy - ok
13:09:03.0399 17388 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:09:03.0408 17388 Ntfs - ok
13:09:03.0421 17388 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:09:03.0421 17388 Null - ok
13:09:03.0460 17388 [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
13:09:03.0461 17388 NVHDA - ok
13:09:03.0658 17388 [ 51BD7EF17F0B525994AD5B3748C8288B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:09:03.0712 17388 nvlddmkm - ok
13:09:03.0744 17388 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:09:03.0745 17388 nvraid - ok
13:09:03.0773 17388 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:09:03.0774 17388 nvstor - ok
13:09:03.0790 17388 [ FCE8537BF5D504680212D536A3BFE5E2 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:09:03.0793 17388 nvsvc - ok
13:09:03.0806 17388 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:09:03.0807 17388 nv_agp - ok
13:09:03.0879 17388 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:09:03.0882 17388 odserv - ok
13:09:03.0911 17388 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:09:03.0912 17388 ohci1394 - ok
13:09:03.0929 17388 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:09:03.0930 17388 ose - ok
13:09:03.0964 17388 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:09:03.0967 17388 p2pimsvc - ok
13:09:03.0987 17388 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:09:03.0991 17388 p2psvc - ok
13:09:04.0002 17388 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:09:04.0003 17388 Parport - ok
13:09:04.0038 17388 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:09:04.0039 17388 partmgr - ok
13:09:04.0054 17388 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:09:04.0056 17388 PcaSvc - ok
13:09:04.0078 17388 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
13:09:04.0079 17388 pccsmcfd - ok
13:09:04.0095 17388 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:09:04.0097 17388 pci - ok
13:09:04.0111 17388 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:09:04.0112 17388 pciide - ok
13:09:04.0128 17388 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:09:04.0130 17388 pcmcia - ok
13:09:04.0254 17388 PCTINDIS5X64 - ok
13:09:04.0332 17388 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:09:04.0333 17388 pcw - ok
13:09:04.0349 17388 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:09:04.0353 17388 PEAUTH - ok
13:09:04.0399 17388 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:09:04.0408 17388 PeerDistSvc - ok
13:09:04.0464 17388 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:09:04.0466 17388 PerfHost - ok
13:09:04.0527 17388 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:09:04.0537 17388 pla - ok
13:09:04.0571 17388 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:09:04.0575 17388 PlugPlay - ok
13:09:04.0589 17388 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:09:04.0591 17388 PNRPAutoReg - ok
13:09:04.0605 17388 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:09:04.0608 17388 PNRPsvc - ok
13:09:04.0622 17388 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:09:04.0626 17388 PolicyAgent - ok
13:09:04.0645 17388 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:09:04.0648 17388 Power - ok
13:09:04.0688 17388 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:09:04.0689 17388 PptpMiniport - ok
13:09:04.0697 17388 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:09:04.0698 17388 Processor - ok
13:09:04.0733 17388 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:09:04.0736 17388 ProfSvc - ok
13:09:04.0746 17388 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:09:04.0747 17388 ProtectedStorage - ok
13:09:04.0788 17388 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:09:04.0789 17388 Psched - ok
13:09:04.0809 17388 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
13:09:04.0809 17388 PxHlpa64 - ok
13:09:04.0850 17388 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:09:04.0860 17388 ql2300 - ok
13:09:04.0876 17388 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:09:04.0877 17388 ql40xx - ok
13:09:04.0892 17388 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:09:04.0895 17388 QWAVE - ok
13:09:04.0908 17388 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:09:04.0909 17388 QWAVEdrv - ok
13:09:04.0967 17388 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
13:09:04.0968 17388 RapiMgr - ok
13:09:04.0979 17388 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:09:04.0979 17388 RasAcd - ok
13:09:04.0991 17388 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:09:04.0992 17388 RasAgileVpn - ok
13:09:05.0003 17388 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:09:05.0005 17388 RasAuto - ok
13:09:05.0039 17388 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:09:05.0040 17388 Rasl2tp - ok
13:09:05.0058 17388 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:09:05.0061 17388 RasMan - ok
13:09:05.0079 17388 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:09:05.0080 17388 RasPppoe - ok
13:09:05.0094 17388 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:09:05.0095 17388 RasSstp - ok
13:09:05.0127 17388 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:09:05.0129 17388 rdbss - ok
13:09:05.0139 17388 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:09:05.0140 17388 rdpbus - ok
13:09:05.0159 17388 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:09:05.0159 17388 RDPCDD - ok
13:09:05.0194 17388 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:09:05.0196 17388 RDPDR - ok
13:09:05.0216 17388 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:09:05.0217 17388 RDPENCDD - ok
13:09:05.0223 17388 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:09:05.0224 17388 RDPREFMP - ok
13:09:05.0250 17388 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:09:05.0252 17388 RDPWD - ok
13:09:05.0288 17388 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:09:05.0290 17388 rdyboost - ok
13:09:05.0391 17388 [ 44C1DAF7BEF42CDEF200A26A3BC44311 ] Remote Solver for Flow Simulation 2009 C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
13:09:05.0393 17388 Remote Solver for Flow Simulation 2009 - ok
13:09:05.0413 17388 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:09:05.0415 17388 RemoteAccess - ok
13:09:05.0446 17388 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:09:05.0448 17388 RemoteRegistry - ok
13:09:05.0489 17388 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
13:09:05.0491 17388 RFCOMM - ok
13:09:05.0512 17388 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:09:05.0513 17388 RimUsb - ok
13:09:05.0581 17388 [ E0BEF062C8950B698E3D79DF432AD250 ] RoxLiveShare10 C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
13:09:05.0583 17388 RoxLiveShare10 - ok
13:09:05.0623 17388 [ 8475CEF8C9C7DE0918C61235ED06606A ] RoxMediaDB10 C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
13:09:05.0630 17388 RoxMediaDB10 - ok
13:09:05.0653 17388 [ 5AB029B4CF15E5FD7BBA73694856C477 ] RoxWatch10 C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
13:09:05.0654 17388 RoxWatch10 - ok
13:09:05.0666 17388 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:09:05.0667 17388 RpcEptMapper - ok
13:09:05.0676 17388 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:09:05.0677 17388 RpcLocator - ok
13:09:05.0709 17388 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
13:09:05.0714 17388 RpcSs - ok
13:09:05.0744 17388 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
13:09:05.0747 17388 RsFx0103 - ok
13:09:05.0776 17388 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:09:05.0777 17388 rspndr - ok
13:09:05.0818 17388 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:09:05.0821 17388 RTL8167 - ok
13:09:05.0852 17388 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:09:05.0852 17388 s3cap - ok
13:09:05.0856 17388 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:09:05.0858 17388 SamSs - ok
13:09:05.0934 17388 [ 99DF79C258B3342B6C8A5F802998DE56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
13:09:05.0934 17388 SASDIFSV - ok
13:09:05.0955 17388 [ 2859C35C0651E8EB0D86D48E740388F2 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
13:09:05.0955 17388 SASKUTIL - ok
13:09:05.0987 17388 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:09:05.0988 17388 sbp2port - ok
13:09:06.0003 17388 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:09:06.0006 17388 SCardSvr - ok
13:09:06.0035 17388 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:09:06.0036 17388 scfilter - ok
13:09:06.0084 17388 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:09:06.0092 17388 Schedule - ok
13:09:06.0124 17388 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:09:06.0125 17388 SCPolicySvc - ok
13:09:06.0151 17388 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:09:06.0154 17388 SDRSVC - ok
13:09:06.0203 17388 [ 2C542FB84B26459D437B22A9BC63C14D ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
13:09:06.0203 17388 SeagateDashboardService - ok
13:09:06.0258 17388 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:09:06.0260 17388 SeaPort - ok
13:09:06.0284 17388 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:09:06.0284 17388 secdrv - ok
13:09:06.0295 17388 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:09:06.0298 17388 seclogon - ok
13:09:06.0312 17388 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
13:09:06.0314 17388 SENS - ok
13:09:06.0323 17388 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:09:06.0325 17388 SensrSvc - ok
13:09:06.0474 17388 [ 9F6490423AC3271E84A90A0DD9D30A3B ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
13:09:06.0475 17388 Ser2pl - ok
13:09:06.0535 17388 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:09:06.0535 17388 Serenum - ok
13:09:06.0548 17388 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:09:06.0549 17388 Serial - ok
13:09:06.0573 17388 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:09:06.0574 17388 sermouse - ok
13:09:06.0644 17388 [ 3EC8DE67B1C78C31E54C0F030E6BD7D5 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
13:09:06.0648 17388 ServiceLayer - ok
13:09:06.0688 17388 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:09:06.0690 17388 SessionEnv - ok
13:09:06.0768 17388 SessionLauncher - ok
13:09:06.0794 17388 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:09:06.0794 17388 sffdisk - ok
13:09:06.0824 17388 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:09:06.0824 17388 sffp_mmc - ok
13:09:06.0841 17388 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:09:06.0842 17388 sffp_sd - ok
13:09:06.0850 17388 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:09:06.0851 17388 sfloppy - ok
13:09:06.0896 17388 [ DBEB7C353FB71E7D8B9ABCE62D93D590 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
13:09:06.0900 17388 SftService - ok
13:09:06.0936 17388 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:09:06.0939 17388 SharedAccess - ok
13:09:06.0951 17388 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:09:06.0955 17388 ShellHWDetection - ok
13:09:06.0966 17388 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:09:06.0966 17388 SiSRaid2 - ok
13:09:06.0979 17388 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:09:06.0980 17388 SiSRaid4 - ok
13:09:06.0996 17388 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:09:06.0997 17388 Smb - ok
13:09:07.0018 17388 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:09:07.0020 17388 SNMPTRAP - ok
13:09:07.0076 17388 [ 4945020BC094C322571184A6E8056B3A ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
13:09:07.0077 17388 SolidWorks Licensing Service - ok
13:09:07.0094 17388 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:09:07.0094 17388 spldr - ok
13:09:07.0112 17388 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:09:07.0117 17388 Spooler - ok
13:09:07.0205 17388 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:09:07.0227 17388 sppsvc - ok
13:09:07.0240 17388 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:09:07.0241 17388 sppuinotify - ok
13:09:07.0268 17388 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
13:09:07.0270 17388 sprtsvc_DellSupportCenter - ok
13:09:07.0327 17388 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
13:09:07.0330 17388 SQLAgent$SQLEXPRESS - ok
13:09:07.0359 17388 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
13:09:07.0360 17388 SQLBrowser - ok
13:09:07.0378 17388 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
13:09:07.0379 17388 SQLWriter - ok
13:09:07.0460 17388 [ 378A0748DE5ADF90BF9DB897DA8564E6 ] SRTSP C:\Windows\System32\Drivers\N360x64\1403010.016\SRTSP64.SYS
13:09:07.0465 17388 SRTSP - ok
13:09:07.0475 17388 [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX C:\Windows\system32\drivers\N360x64\1403010.016\SRTSPX64.SYS
13:09:07.0476 17388 SRTSPX - ok
13:09:07.0506 17388 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:09:07.0509 17388 srv - ok
13:09:07.0529 17388 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:09:07.0532 17388 srv2 - ok
13:09:07.0541 17388 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:09:07.0542 17388 srvnet - ok
13:09:07.0562 17388 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:09:07.0564 17388 SSDPSRV - ok
13:09:07.0576 17388 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:09:07.0578 17388 SstpSvc - ok
13:09:07.0600 17388 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:09:07.0600 17388 stexstor - ok
13:09:07.0645 17388 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:09:07.0650 17388 stisvc - ok
13:09:07.0678 17388 [ 5889618EEBD7D2FF13C30D73FCFF8CD0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
13:09:07.0678 17388 stllssvr - ok
13:09:07.0705 17388 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:09:07.0706 17388 storflt - ok
13:09:07.0731 17388 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
13:09:07.0733 17388 StorSvc - ok
13:09:07.0748 17388 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:09:07.0749 17388 storvsc - ok
13:09:07.0774 17388 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:09:07.0775 17388 swenum - ok
13:09:07.0793 17388 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:09:07.0798 17388 swprv - ok
13:09:07.0832 17388 [ E174C8BC572E93AEEE1036DEDAC5F225 ] SymDS C:\Windows\system32\drivers\N360x64\1403010.016\SYMDS64.SYS
13:09:07.0835 17388 SymDS - ok
13:09:07.0873 17388 [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA C:\Windows\system32\drivers\N360x64\1403010.016\SYMEFA64.SYS
13:09:07.0880 17388 SymEFA - ok
13:09:07.0931 17388 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
13:09:07.0933 17388 SymEvent - ok
13:09:07.0965 17388 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1403010.016\Ironx64.SYS
13:09:07.0966 17388 SymIRON - ok
13:09:07.0982 17388 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\System32\Drivers\N360x64\1403010.016\SYMNETS.SYS
13:09:07.0985 17388 SymNetS - ok
13:09:08.0033 17388 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:09:08.0044 17388 SysMain - ok
13:09:08.0074 17388 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:09:08.0076 17388 TabletInputService - ok
13:09:08.0096 17388 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:09:08.0099 17388 TapiSrv - ok
13:09:08.0121 17388 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:09:08.0123 17388 TBS - ok
13:09:08.0183 17388 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:09:08.0194 17388 Tcpip - ok
13:09:08.0241 17388 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:09:08.0252 17388 TCPIP6 - ok
13:09:08.0282 17388 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:09:08.0283 17388 tcpipreg - ok
13:09:08.0300 17388 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:09:08.0300 17388 TDPIPE - ok
13:09:08.0325 17388 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:09:08.0326 17388 TDTCP - ok
13:09:08.0359 17388 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:09:08.0361 17388 tdx - ok
13:09:08.0390 17388 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:09:08.0391 17388 TermDD - ok
13:09:08.0409 17388 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:09:08.0415 17388 TermService - ok
13:09:08.0420 17388 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:09:08.0423 17388 Themes - ok
13:09:08.0434 17388 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:09:08.0436 17388 THREADORDER - ok
13:09:08.0464 17388 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:09:08.0466 17388 TrkWks - ok
13:09:08.0581 17388 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:09:08.0583 17388 TrustedInstaller - ok
13:09:08.0670 17388 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:09:08.0671 17388 tssecsrv - ok
13:09:08.0736 17388 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:09:08.0737 17388 TsUsbFlt - ok
13:09:08.0770 17388 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:09:08.0772 17388 tunnel - ok
13:09:08.0783 17388 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:09:08.0784 17388 uagp35 - ok
13:09:08.0801 17388 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:09:08.0803 17388 udfs - ok
13:09:08.0823 17388 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:09:08.0825 17388 UI0Detect - ok
13:09:08.0845 17388 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:09:08.0846 17388 uliagpkx - ok
13:09:08.0867 17388 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
13:09:08.0868 17388 umbus - ok
13:09:08.0889 17388 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:09:08.0889 17388 UmPass - ok
13:09:08.0906 17388 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
13:09:08.0909 17388 UmRdpService - ok
13:09:08.0921 17388 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:09:08.0925 17388 upnphost - ok
13:09:08.0935 17388 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:09:08.0937 17388 usbccgp - ok
13:09:08.0964 17388 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:09:08.0965 17388 usbcir - ok
13:09:08.0980 17388 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:09:08.0981 17388 usbehci - ok
13:09:08.0992 17388 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:09:08.0994 17388 usbhub - ok
13:09:09.0008 17388 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:09:09.0008 17388 usbohci - ok
13:09:09.0020 17388 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:09:09.0021 17388 usbprint - ok
13:09:09.0036 17388 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:09:09.0037 17388 USBSTOR - ok
13:09:09.0048 17388 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:09:09.0049 17388 usbuhci - ok
13:09:09.0087 17388 [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
13:09:09.0087 17388 usb_rndisx - ok
13:09:09.0110 17388 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:09:09.0112 17388 UxSms - ok
13:09:09.0124 17388 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:09:09.0126 17388 VaultSvc - ok
13:09:09.0137 17388 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:09:09.0138 17388 vdrvroot - ok
13:09:09.0177 17388 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:09:09.0182 17388 vds - ok
13:09:09.0187 17388 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:09:09.0188 17388 vga - ok
13:09:09.0201 17388 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:09:09.0202 17388 VgaSave - ok
13:09:09.0237 17388 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:09:09.0239 17388 vhdmp - ok
13:09:09.0253 17388 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:09:09.0253 17388 viaide - ok
13:09:09.0270 17388 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:09:09.0272 17388 vmbus - ok
13:09:09.0288 17388 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
13:09:09.0288 17388 VMBusHID - ok
13:09:09.0302 17388 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:09:09.0303 17388 volmgr - ok
13:09:09.0335 17388 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:09:09.0337 17388 volmgrx - ok
13:09:09.0349 17388 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:09:09.0351 17388 volsnap - ok
13:09:09.0368 17388 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:09:09.0370 17388 vsmraid - ok
13:09:09.0402 17388 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:09:09.0413 17388 VSS - ok
13:09:09.0425 17388 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:09:09.0426 17388 vwifibus - ok
13:09:09.0453 17388 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:09:09.0457 17388 W32Time - ok
13:09:09.0470 17388 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:09:09.0471 17388 WacomPen - ok
13:09:09.0496 17388 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:09:09.0497 17388 WANARP - ok
13:09:09.0501 17388 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:09:09.0501 17388 Wanarpv6 - ok
13:09:09.0555 17388 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:09:09.0563 17388 WatAdminSvc - ok
13:09:09.0600 17388 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:09:09.0610 17388 wbengine - ok
13:09:09.0624 17388 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:09:09.0627 17388 WbioSrvc - ok
13:09:09.0674 17388 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
13:09:09.0677 17388 WcesComm - ok
13:09:09.0691 17388 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:09:09.0695 17388 wcncsvc - ok
13:09:09.0705 17388 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:09:09.0707 17388 WcsPlugInService - ok
13:09:09.0722 17388 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:09:09.0722 17388 Wd - ok
13:09:09.0767 17388 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:09:09.0772 17388 Wdf01000 - ok
13:09:09.0784 17388 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:09:09.0787 17388 WdiServiceHost - ok
13:09:09.0791 17388 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:09:09.0793 17388 WdiSystemHost - ok
13:09:09.0800 17388 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:09:09.0803 17388 WebClient - ok
13:09:09.0821 17388 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:09:09.0824 17388 Wecsvc - ok
13:09:09.0832 17388 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:09:09.0834 17388 wercplsupport - ok
13:09:09.0851 17388 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:09:09.0854 17388 WerSvc - ok
13:09:09.0878 17388 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:09:09.0878 17388 WfpLwf - ok
13:09:09.0903 17388 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
13:09:09.0905 17388 WimFltr - ok
13:09:09.0916 17388 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:09:09.0917 17388 WIMMount - ok
13:09:09.0956 17388 WinDefend - ok
13:09:09.0963 17388 WinHttpAutoProxySvc - ok
13:09:10.0015 17388 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:09:10.0016 17388 Winmgmt - ok
13:09:10.0059 17388 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:09:10.0073 17388 WinRM - ok
13:09:10.0124 17388 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:09:10.0125 17388 WinUsb - ok
13:09:10.0148 17388 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:09:10.0155 17388 Wlansvc - ok
13:09:10.0192 17388 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:09:10.0193 17388 wlcrasvc - ok
13:09:10.0266 17388 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:09:10.0280 17388 wlidsvc - ok
13:09:10.0303 17388 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:09:10.0304 17388 WmiAcpi - ok
13:09:10.0319 17388 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:09:10.0320 17388 wmiApSrv - ok
13:09:10.0323 17388 WMPNetworkSvc - ok
13:09:10.0331 17388 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:09:10.0334 17388 WPCSvc - ok
13:09:10.0344 17388 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:09:10.0347 17388 WPDBusEnum - ok
13:09:10.0453 17388 [ 97959D374D4317D8FABB515BAE479D85 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.21006\WPF\WPFFontCache_v0400.exe
13:09:10.0459 17388 WPFFontCache_v0400 - ok
13:09:10.0478 17388 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:09:10.0479 17388 ws2ifsl - ok
13:09:10.0503 17388 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
13:09:10.0504 17388 WsAudio_DeviceS(1) - ok
13:09:10.0517 17388 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
13:09:10.0518 17388 WsAudio_DeviceS(2) - ok
13:09:10.0533 17388 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(3) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
13:09:10.0534 17388 WsAudio_DeviceS(3) - ok
13:09:10.0562 17388 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(4) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
13:09:10.0563 17388 WsAudio_DeviceS(4) - ok
13:09:10.0589 17388 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(5) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
13:09:10.0590 17388 WsAudio_DeviceS(5) - ok
13:09:10.0616 17388 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
13:09:10.0619 17388 wscsvc - ok
13:09:10.0623 17388 WSearch - ok
13:09:10.0686 17388 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:09:10.0702 17388 wuauserv - ok
13:09:10.0812 17388 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:09:10.0813 17388 WudfPf - ok
13:09:10.0939 17388 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:09:10.0941 17388 WUDFRd - ok
13:09:10.0972 17388 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:09:10.0975 17388 wudfsvc - ok
13:09:10.0994 17388 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:09:10.0997 17388 WwanSvc - ok
13:09:11.0038 17388 [ 8099B6FC8F02233EBB778A7E229F4165 ] XMouseButton Launcher C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
13:09:11.0039 17388 XMouseButton Launcher - ok
13:09:11.0053 17388 ================ Scan global ===============================
13:09:11.0072 17388 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:09:11.0102 17388 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:09:11.0110 17388 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:09:11.0126 17388 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:09:11.0172 17388 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:09:11.0176 17388 [Global] - ok
13:09:11.0176 17388 ================ Scan MBR ==================================
13:09:11.0184 17388 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:09:11.0413 17388 \Device\Harddisk0\DR0 - ok
13:09:11.0428 17388 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
13:09:11.0522 17388 \Device\Harddisk1\DR1 - ok
13:09:11.0527 17388 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR6
13:09:11.0662 17388 \Device\Harddisk6\DR6 - ok
13:09:11.0663 17388 ================ Scan VBR ==================================
13:09:11.0665 17388 [ 517A1438786A6587C95D5D74EF52C4E8 ] \Device\Harddisk0\DR0\Partition1
13:09:11.0667 17388 \Device\Harddisk0\DR0\Partition1 - ok
13:09:11.0680 17388 [ 8CFC64181C03AF3729AA1DCAF39FE810 ] \Device\Harddisk0\DR0\Partition2
13:09:11.0682 17388 \Device\Harddisk0\DR0\Partition2 - ok
13:09:11.0686 17388 [ 89AE92F43C09C1D25590EAF6BE7437B8 ] \Device\Harddisk6\DR6\Partition1
13:09:11.0688 17388 \Device\Harddisk6\DR6\Partition1 - ok
13:09:11.0688 17388 ============================================================
13:09:11.0688 17388 Scan finished
13:09:11.0688 17388 ============================================================
13:09:11.0697 29744 Detected object count: 0
13:09:11.0698 29744 Actual detected object count: 0

ComboFix Report:

ComboFix 13-05-10.03 - Brooks 05/10/2013 11:31:03.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8191.4969 [GMT -5:00]
Running from: c:\users\Brooks\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Files Created from 2013-04-10 to 2013-05-10 )))))))))))))))))))))))))))))))
.
.
2013-05-10 16:38 . 2013-05-10 16:38 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-05-10 16:38 . 2013-05-10 16:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-10 16:38 . 2013-05-10 16:38 -------- d-----w- c:\users\CURRENT_USER\AppData\Local\temp
2013-04-29 16:29 . 2013-04-30 19:24 -------- d-----w- c:\users\Brooks\AppData\Local\CrashDumps
2013-04-24 11:50 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-22 14:38 . 2013-04-22 14:38 27256 ----a-w- c:\windows\system32\drivers\FixZeroAccess.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-11 08:06 . 2009-12-10 21:58 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-21 17:54 . 2013-03-21 17:54 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-03-19 06:04 . 2013-04-10 11:22 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 11:22 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 11:22 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 11:22 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 11:22 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 11:22 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-13 13:52 . 2012-04-13 12:10 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 13:52 . 2011-08-19 12:55 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-01 03:36 . 2013-04-10 11:23 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-15 06:08 . 2013-04-10 11:23 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-02-15 06:06 . 2013-04-10 11:23 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-02-15 06:02 . 2013-04-10 11:23 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-02-15 04:37 . 2013-04-10 11:23 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-02-15 04:34 . 2013-04-10 11:23 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-02-15 03:25 . 2013-04-10 11:23 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-02-12 05:45 . 2013-03-13 08:26 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 08:26 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 08:26 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 08:26 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 08:26 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 08:26 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-26 00:49 19968 ----a-w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 04:12 . 2013-03-26 00:49 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1d053bb5-c922-44e3-9910-66585f017505}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\FreemakeGold\prxtbFree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}]
2012-08-08 12:32 250472 ----a-w- c:\program files (x86)\blekko\spamfreesearch\1.6.9.1\bh\spamfreesearch.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 22:31 1514152 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
"{EECF410C-006C-4A05-AD13-6741A0814DBF}"= "c:\program files (x86)\blekko\spamfreesearch\1.6.9.1\spamfreesearchTlbr.dll" [2012-08-08 276072]
"{1d053bb5-c922-44e3-9910-66585f017505}"= "c:\program files (x86)\FreemakeGold\prxtbFree.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{eecf410c-006c-4a05-ad13-6741a0814dbf}]
[HKEY_CLASSES_ROOT\spamfreesearch.dskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\spamfreesearch.dskBnd]
.
[HKEY_CLASSES_ROOT\clsid\{1d053bb5-c922-44e3-9910-66585f017505}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-11 39408]
"FBackup Scheduler"="" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2009-06-10 244208]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"Google Quick Search Box"="c:\program files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-12-11 122880]
"SolidWorks_CheckForUpdates"="c:\program files (x86)\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe" [2008-09-15 7218472]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-11-18 421160]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2010-07-08 136416]
"Memeo AutoSync"="c:\program files (x86)\Memeo\AutoSync\MemeoLauncher2.exe" [2010-04-16 144608]
"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2009-08-17 165104]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-01-11 100864]
R2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-06-10 166384]
R2 SessionLauncher;SessionLauncher;c:\users\Brooks\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-04-29 32768]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 52224]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
R3 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86;c:\windows\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [2009-10-07 129856]
R3 clr_optimization_v4.0.21006_64;Microsoft .NET Framework NGEN v4.0.21006_X64;c:\windows\Microsoft.NET\Framework64\v4.0.21006\mscorsvw.exe [2009-10-07 138560]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2008-09-09 79144]
R3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2009-12-21 78848]
R3 EuDisk;EASEUS Disk Enumerator;c:\windows\system32\DRIVERS\EuDisk.sys [2009-12-02 137608]
R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-10 1124848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-30 1255736]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2010-04-13 29288]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2010-04-13 29288]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2010-04-13 29288]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2010-04-13 29288]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2010-04-13 29288]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RoxLiveShare10;LiveShare P2P Server 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-06-10 309744]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1403010.016\SYMDS64.SYS [2013-01-22 493656]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1403010.016\SYMEFA64.SYS [2013-01-31 1139800]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130502.001\BHDrvx64.sys [2013-04-12 1390680]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1403010.016\ccSetx64.sys [2012-11-16 168096]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130509.001\IDSvia64.sys [2013-03-20 513184]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1403010.016\Ironx64.SYS [2012-11-16 224416]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1403010.016\SYMNETS.SYS [2013-01-31 432800]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-31 92160]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2010-07-08 25824]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe [2012-12-24 144520]
S2 Remote Solver for Flow Simulation 2009;Remote Solver for Flow Simulation 2009;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2008-09-03 248104]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-08-17 656624]
S2 XMouseButton Launcher;XMouseButton Launcher;c:\program files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [2010-03-28 84480]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-03-20 138912]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 90594326
*Deregistered* - 90594326
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 04:44 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 13:52]
.
2013-05-09 c:\windows\Tasks\fba_New Backup(1).job
- c:\program files (x86)\Softland\FBackup 4\fbaSchedStarter.exe [2010-03-08 16:56]
.
2013-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11 16:31]
.
2013-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11 16:31]
.
2013-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573257160-1653632105-873568818-1003Core.job
- c:\users\Brooks\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-31 15:12]
.
2013-05-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573257160-1653632105-873568818-1003UA.job
- c:\users\Brooks\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-31 15:12]
.
2013-05-05 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-08-22 18:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-06-03 7834656]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [BU]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-26 16327712]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 172.29.135.19
DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} - hxxp://wago.partcommunity.com/PARTcommunity/static/all/cnsViewer3D/cnsweb3d.cab
DPF: {9B479D7B-916A-45B0-B042-D42865A60E21} - hxxp://trophycam.myq-see.com/DvrOcx.cab
DPF: {FAA26872-BB40-4AB2-8A6D-A49183581AAA} - hxxp://70.167.100.164/user/TSBnwCam.CAB
DPF: {FE92D9C3-4A69-4EC7-8651-1DC8531D0075} - hxxp://24.97.183.50/user/TSBnwCam.CAB
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{1D053BB5-C922-44E3-9910-66585F017505} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.3.1.22\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-10 11:42:25
ComboFix-quarantined-files.txt 2013-05-10 16:42
ComboFix2.txt 2012-08-03 13:44
ComboFix3.txt 2012-08-02 20:14
.
Pre-Run: 588,161,269,760 bytes free
Post-Run: 588,069,236,736 bytes free
.
- - End Of File - - 7E1EB16161E4C423C0770F2643F693DE



#8 CatByte


Posted 10 May 2013 - 03:43 PM

Please run the following:

Please download Junkware Removal Tool to your desktop.
  • Shut down your antivirus to avoid any conflicts.
  • Right-mouse click JRT.exe and select Run as administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

NEXT


Download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Delete
  • Once done it will ask to reboot, allow the reboot
  • On reboot a log will be produced, please attach the content of the log to your next reply

NEXT

  • Please open your MalwareBytes AntiMalware Program
  • Click the Update Tab and search for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



NEXT


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE, name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#9 CatByte


Posted 17 May 2013 - 04:56 PM

Do you still need help with your machine?



#10 CatByte


Posted 09 June 2013 - 07:30 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.







