Droolsport

  1. Ran it again, same results. ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK
  2. ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK
  3. Performed all steps. Proxy server was not active.

     Malwarebytes' Anti-Malware 1.50
     www.malwarebytes.org
     Database version: 5315
     Windows 6.1.7600
     Internet Explorer 8.0.7600.16385
     12/14/2010 9:19:13 PM
     mbam-log-2010-12-14 (21-19-13).txt
     Scan type: Full scan (C:\|)
     Objects scanned: 299095
     Time elapsed: 51 minute(s), 36 second(s)
     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 2
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 1
     Memory Processes Infected:
     (No malicious items detected)
     Memory Modules Infected:
     (No malicious items detected)
     Registry Keys Infected:
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FE4C2C37-EDC8-4C00-B864-3C38CF3BA834} (Adware.Adshot) -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3f6555c4-0a24-11dc-8314-0800200c9a66} (Rogue.PcMightyMax) -> Quarantined and deleted successfully.
     Registry Values Infected:
     (No malicious items detected)
     Registry Data Items Infected:
     (No malicious items detected)
     Folders Infected:
     (No malicious items detected)
     Files Infected:
     c:\Users\Eric\AppData\Roaming\dwm.exe (Trojan.FakeAV) -> Quarantined and deleted successfully.

     Still not able to run Trend Antivirus protection
     Thanks for all the help
     Eric
  4. Finally got the Combofix to run. Nothing to report. Got the blue screen, then nothing happened and it closed itself. No log. Everything seems to be working normally except for a pop-up antivirus that slides up from the task bar. I can exit it and it goes away for a few hours. Doesn't seem to affect the computer. It may be from one of the many antivirus apps I have downloaded. I am still unable to turn on my Trend antivirus software for future protection. Eric
  5. When I try to run Combofix again I get a warning that I have a corrupt version. I tried to re-load the software from both sources and got the same warning when I try to launch it.
  6. Followed instructions above. No log created. Computer seems normal; however, I cannot run my normal antivirus software for protection.
  7. Computer seems to be running normal. I do have a warning that I need to change my security settings.
  8. Found it
(7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys 2010/12/09 21:16:44.0260 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys 2010/12/09 21:16:44.0387 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys 2010/12/09 21:16:44.0516 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys 2010/12/09 21:16:44.0669 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys 2010/12/09 21:16:44.0823 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys 2010/12/09 21:16:44.0944 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\windows\system32\DRIVERS\mrxsmb.sys 2010/12/09 21:16:45.0203 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\windows\system32\DRIVERS\mrxsmb10.sys 2010/12/09 21:16:45.0366 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\windows\system32\DRIVERS\mrxsmb20.sys 2010/12/09 21:16:45.0524 msahci (5c37497276e3b3a5488b23a326a754b7) C:\windows\system32\DRIVERS\msahci.sys 2010/12/09 21:16:45.0709 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys 2010/12/09 21:16:45.0934 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys 2010/12/09 21:16:46.0137 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys 2010/12/09 21:16:46.0345 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys 2010/12/09 21:16:46.0542 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys 2010/12/09 21:16:46.0688 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys 2010/12/09 21:16:46.0981 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys 2010/12/09 21:16:47.0141 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys 2010/12/09 21:16:47.0264 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) 
C:\windows\system32\DRIVERS\mssmbios.sys 2010/12/09 21:16:47.0404 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys 2010/12/09 21:16:47.0530 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys 2010/12/09 21:16:47.0728 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys 2010/12/09 21:16:47.0929 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys 2010/12/09 21:16:48.0082 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys 2010/12/09 21:16:48.0211 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys 2010/12/09 21:16:48.0363 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys 2010/12/09 21:16:48.0518 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys 2010/12/09 21:16:48.0633 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys 2010/12/09 21:16:48.0751 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys 2010/12/09 21:16:48.0785 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys 2010/12/09 21:16:48.0903 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys 2010/12/09 21:16:49.0060 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys 2010/12/09 21:16:49.0209 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys 2010/12/09 21:16:49.0329 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys 2010/12/09 21:16:49.0489 Ntfs (356698a13c4630d5b31c37378d469196) C:\windows\system32\drivers\Ntfs.sys 2010/12/09 21:16:49.0692 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys 2010/12/09 21:16:49.0837 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\windows\system32\DRIVERS\nvraid.sys 2010/12/09 21:16:49.0987 nvstor 
(477dc4d6deb99be37084c9ac6d013da1) C:\windows\system32\DRIVERS\nvstor.sys 2010/12/09 21:16:50.0112 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys 2010/12/09 21:16:50.0277 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys 2010/12/09 21:16:50.0421 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys 2010/12/09 21:16:50.0545 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys 2010/12/09 21:16:50.0700 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys 2010/12/09 21:16:50.0860 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys 2010/12/09 21:16:51.0003 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys 2010/12/09 21:16:51.0136 PCTCore (60f19af0a9a26851ad9bc2d981afbac6) C:\windows\system32\drivers\PCTCore64.sys 2010/12/09 21:16:51.0252 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys 2010/12/09 21:16:51.0373 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys 2010/12/09 21:16:51.0529 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys 2010/12/09 21:16:51.0701 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys 2010/12/09 21:16:51.0826 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys 2010/12/09 21:16:51.0997 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys 2010/12/09 21:16:52.0333 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\windows\system32\Drivers\PxHlpa64.sys 2010/12/09 21:16:52.0536 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys 2010/12/09 21:16:52.0945 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys 2010/12/09 21:16:53.0079 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) 
C:\windows\system32\drivers\qwavedrv.sys 2010/12/09 21:16:53.0162 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys 2010/12/09 21:16:53.0356 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys 2010/12/09 21:16:53.0509 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys 2010/12/09 21:16:53.0640 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys 2010/12/09 21:16:53.0776 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys 2010/12/09 21:16:53.0910 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys 2010/12/09 21:16:54.0069 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys 2010/12/09 21:16:54.0244 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys 2010/12/09 21:16:54.0373 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys 2010/12/09 21:16:54.0496 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys 2010/12/09 21:16:54.0534 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys 2010/12/09 21:16:54.0689 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys 2010/12/09 21:16:54.0891 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys 2010/12/09 21:16:55.0025 RSUSBSTOR (8c22f21c924413d4e109995f748e18bb) C:\windows\system32\Drivers\RtsUStor.sys 2010/12/09 21:16:55.0152 RTL8167 (f65f171165fbb613f7aa3cc78e8cab42) C:\windows\system32\DRIVERS\Rt64win7.sys 2010/12/09 21:16:55.0291 RTL8187Se (3ec7911ed886dc5d8a9f70129254679c) C:\windows\system32\DRIVERS\RTL8187Se.sys 2010/12/09 21:16:55.0431 rtl8192se (a9ede191b5478d18f0a1bff3b822f7a5) C:\windows\system32\DRIVERS\rtl8192se.sys 2010/12/09 21:16:55.0568 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys 
2010/12/09 21:16:55.0698 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys 2010/12/09 21:16:55.0843 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys 2010/12/09 21:16:56.0023 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys 2010/12/09 21:16:56.0189 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys 2010/12/09 21:16:56.0319 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys 2010/12/09 21:16:56.0473 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys 2010/12/09 21:16:56.0597 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys 2010/12/09 21:16:56.0749 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\windows\system32\DRIVERS\sffp_sd.sys 2010/12/09 21:16:56.0879 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys 2010/12/09 21:16:57.0045 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys 2010/12/09 21:16:57.0181 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys 2010/12/09 21:16:57.0288 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys 2010/12/09 21:16:57.0471 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys 2010/12/09 21:16:57.0613 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\windows\system32\DRIVERS\srv.sys 2010/12/09 21:16:57.0739 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\windows\system32\DRIVERS\srv2.sys 2010/12/09 21:16:57.0924 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\windows\system32\DRIVERS\srvnet.sys 2010/12/09 21:16:58.0074 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys 2010/12/09 21:16:58.0248 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys 2010/12/09 21:16:58.0421 SynTP (be7311da9d6833fa69ed04b744a1c8f8) 
C:\windows\system32\DRIVERS\SynTP.sys 2010/12/09 21:16:58.0652 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\windows\system32\drivers\tcpip.sys 2010/12/09 21:16:58.0898 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\windows\system32\DRIVERS\tcpip.sys 2010/12/09 21:16:59.0051 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys 2010/12/09 21:16:59.0185 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys 2010/12/09 21:16:59.0292 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys 2010/12/09 21:16:59.0405 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys 2010/12/09 21:16:59.0522 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys 2010/12/09 21:16:59.0652 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys 2010/12/09 21:16:59.0819 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\windows\system32\DRIVERS\tmactmon.sys 2010/12/09 21:16:59.0983 tmcomm (360e61217d4e1e333583d0c721057f70) C:\windows\system32\DRIVERS\tmcomm.sys 2010/12/09 21:17:00.0130 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\windows\system32\DRIVERS\tmevtmgr.sys 2010/12/09 21:17:00.0254 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\windows\system32\DRIVERS\tmtdi.sys 2010/12/09 21:17:00.0487 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys 2010/12/09 21:17:00.0653 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys 2010/12/09 21:17:00.0869 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys 2010/12/09 21:17:00.0966 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS 2010/12/09 21:17:01.0104 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys 2010/12/09 21:17:01.0233 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys 2010/12/09 21:17:01.0272 udfs 
(d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys 2010/12/09 21:17:01.0457 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys 2010/12/09 21:17:01.0577 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys 2010/12/09 21:17:01.0616 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys 2010/12/09 21:17:01.0683 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\windows\system32\drivers\usbaudio.sys 2010/12/09 21:17:01.0810 usbccgp (b26afb54a534d634523c4fb66765b026) C:\windows\system32\DRIVERS\usbccgp.sys 2010/12/09 21:17:01.0983 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys 2010/12/09 21:17:02.0060 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\windows\system32\DRIVERS\usbehci.sys 2010/12/09 21:17:02.0185 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\windows\system32\DRIVERS\usbhub.sys 2010/12/09 21:17:02.0305 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\DRIVERS\usbohci.sys 2010/12/09 21:17:02.0446 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys 2010/12/09 21:17:02.0601 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys 2010/12/09 21:17:02.0719 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\windows\system32\DRIVERS\USBSTOR.SYS 2010/12/09 21:17:02.0760 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\DRIVERS\usbuhci.sys 2010/12/09 21:17:02.0908 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys 2010/12/09 21:17:03.0051 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys 2010/12/09 21:17:03.0185 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys 2010/12/09 21:17:03.0289 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys 2010/12/09 21:17:03.0401 vhdmp (c82e748660f62a242b2dfac1442f22a4) 
C:\windows\system32\DRIVERS\vhdmp.sys 2010/12/09 21:17:03.0512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys 2010/12/09 21:17:03.0623 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys 2010/12/09 21:17:03.0728 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys 2010/12/09 21:17:03.0836 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys 2010/12/09 21:17:03.0956 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys 2010/12/09 21:17:04.0068 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys 2010/12/09 21:17:04.0186 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys 2010/12/09 21:17:04.0239 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys 2010/12/09 21:17:04.0357 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys 2010/12/09 21:17:04.0399 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys 2010/12/09 21:17:04.0547 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys 2010/12/09 21:17:04.0674 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys 2010/12/09 21:17:04.0832 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys 2010/12/09 21:17:04.0928 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys 2010/12/09 21:17:05.0148 winusb (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUSB.SYS 2010/12/09 21:17:05.0268 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys 2010/12/09 21:17:05.0425 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys 2010/12/09 21:17:05.0600 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys 2010/12/09 21:17:05.0723 
WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys 2010/12/09 21:17:05.0802 ================================================================================ 2010/12/09 21:17:05.0802 Scan finished 2010/12/09 21:17:05.0802 ================================================================================ 2010/12/09 21:17:17.0088 Deinitialize success
  9. Hi I have a recurrent pop up antivirus... malware. Browser is disabled won't run programs etc... Thanks for any help.

     MB Anti-Malware software found no virus.

     Ran Defogger:

     defogger_disable by jpshortstuff (23.02.10.1)
     Log created at 20:54 on 07/12/2010 (Eric)
     Checking for autostart values...
     HKCU\~\Run values retrieved.
     HKLM\~\Run values retrieved.
     Checking for services/drivers...
     -=E.O.F=-

     GMER found nothing no log to post

     DDS would not run, need program to run PEV.DAT file

     Hijack This log:

     Logfile of Trend Micro HijackThis v2.0.4
     Scan saved at 9:10:41 PM, on 12/7/2010
     Platform: Windows 7 (WinNT 6.00.3504)
     MSIE: Internet Explorer v8.00 (8.00.7600.16671)
     Boot mode: Normal
TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 19319 bytes