My computer is infected with something



#1 Kim_K

Posted 30 December 2012 - 06:22 PM

Hi everyone.

I have a Dell Inspiron laptop running Windows 7. Lately it has been running slow. Programs are slow to load, freeze up and stop responding. I have trouble downloading things. I ran a full scan using the free edition of Avast. It found one infection but it froze up at 34% complete. I stopped the scan and clicked on show details. I got a chart of about 200 items. I'm posting from a different computer and can't copy the chart. I'll type the first few lines and hope that is enough help.

File Name; Severity; Status; Action;
C:\Users\Kim's\...\trzC17B.tmp; High; Threat:Other:Malware-gen[trj]; Move to chest
C:\...\IMG_17012012_002244.png; Error: The request could not be perf...;
C:\Users\Kim's\...\bgbutton.png; Error: Archive is password protect...
C:\Users\...\bgButtonFinished.png; Error: Archive is password protect...
C:\Users\...\bgCloseProgram.png; Error: Archive is password protect...

And so on. All the rest say "Error: Archive is password protect... "

I clicked on move to chest and get the error message, Error: Virus chest server is not running. RPC communication failed (2147422219). Avast has a log of the scan but there is nothing in the chest.

So, what do I do now? I still have the same problems that I started with.

My computer is a Dell Inspiron: Windows 7 home premium; AMD Athlon II Dual-core processor 2.30GHz: 4.0GB RAM; 64 bit operating system

Thanks
Kim



#2 boopme


Posted 30 December 2012 - 08:53 PM

Hello Kim,
You will always see some files that could not be scanned, are password protected or in use by another process.
A lot of programs password protect their own files.

Files that cannot be scanned are just that, and it does not mean they are infected.
But if you are concerned, we can see them and scan them. How to see hidden files in Windows

But the others do need cleaning so let's do these.

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.

>>>

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>>

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.

>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#3 Kim_K


Posted 05 January 2013 - 04:22 PM

Hi Boopme. Thanks for your quick reply. Sorry it took me so long to get back to you. Holiday stuff and all but I'm back now.

Anyway, I followed your directions and here are the logs requested.

MiniToolBox by Farbar Version: 25-11-2012
Ran by Kim's (administrator) on 05-01-2013 at 03:26:19
Running from "C:\Users\Kim's\Desktop"
Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Kims-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 90-A4-DE-29-B6-AD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::70a8:9cca:df94:2462%15(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.12(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, January 05, 2013 3:10:06 AM
Lease Expires . . . . . . . . . . : Sunday, January 06, 2013 3:10:06 AM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 361800926
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-1D-3A-22-78-2B-CB-E3-DC-E8
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 78-2B-CB-E3-DC-E8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{25A8D8DE-0293-4BAE-8069-3D3732D0FFDA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3803:2bc5:b81f:4ccb(Preferred)
Link-local IPv6 Address . . . . . : fe80::3803:2bc5:b81f:4ccb%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 2607:f8b0:4004:801::1008
74.125.228.97
74.125.228.101
74.125.228.103
74.125.228.100
74.125.228.105
74.125.228.96
74.125.228.98
74.125.228.102
74.125.228.99
74.125.228.104
74.125.228.110


Pinging google.com [74.125.228.32] with 32 bytes of data:
Reply from 74.125.228.32: bytes=32 time=16ms TTL=54
Reply from 74.125.228.32: bytes=32 time=18ms TTL=54

Ping statistics for 74.125.228.32:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 18ms, Average = 17ms
Server: UnKnown
Address: 10.0.0.1

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=91ms TTL=48
Reply from 72.30.38.140: bytes=32 time=101ms TTL=48

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 91ms, Maximum = 101ms, Average = 96ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...90 a4 de 29 b6 ad ......Atheros AR9285 802.11b/g/n WiFi Adapter
14...78 2b cb e3 dc e8 ......Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.12 25
10.0.0.0 255.255.255.0 On-link 10.0.0.12 281
10.0.0.12 255.255.255.255 On-link 10.0.0.12 281
10.0.0.255 255.255.255.255 On-link 10.0.0.12 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.12 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.12 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:9d38:953c:3803:2bc5:b81f:4ccb/128
On-link
15 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::3803:2bc5:b81f:4ccb/128
On-link
15 281 fe80::70a8:9cca:df94:2462/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/05/2013 03:23:32 AM) (Source: Software Protection Platform Service) (User: )
Description: Update Windows license and product key tokens failed with 0x8007045D.

Error: (01/05/2013 02:31:17 AM) (Source: Software Protection Platform Service) (User: )
Description: Update Windows license and product key tokens failed with 0x8007045D.

Error: (01/05/2013 02:13:12 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (01/05/2013 02:13:12 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (12/31/2012 06:33:34 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10405

Error: (12/31/2012 06:33:34 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10405

Error: (12/31/2012 06:33:34 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/31/2012 06:33:29 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5351

Error: (12/31/2012 06:33:29 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5351

Error: (12/31/2012 06:33:29 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/05/2013 03:26:34 AM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.0.0.12.
The computer with the IP address 10.0.0.8 did not allow the name to be claimed by
this computer.

Error: (01/05/2013 03:21:24 AM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.0.0.12.
The computer with the IP address 10.0.0.8 did not allow the name to be claimed by
this computer.

Error: (01/05/2013 03:19:02 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/05/2013 03:16:33 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (01/05/2013 03:16:04 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/05/2013 03:15:51 AM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.0.0.12.
The computer with the IP address 10.0.0.8 did not allow the name to be claimed by
this computer.

Error: (01/05/2013 03:15:34 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/05/2013 03:15:04 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/05/2013 03:12:59 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (01/05/2013 03:12:59 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.


Microsoft Office Sessions:
=========================
Error: (01/05/2013 03:23:32 AM) (Source: Software Protection Platform Service)(User: )
Description: 0x8007045D

Error: (01/05/2013 02:31:17 AM) (Source: Software Protection Platform Service)(User: )
Description: 0x8007045D

Error: (01/05/2013 02:13:12 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (01/05/2013 02:13:12 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (12/31/2012 06:33:34 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10405

Error: (12/31/2012 06:33:34 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10405

Error: (12/31/2012 06:33:34 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/31/2012 06:33:29 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5351

Error: (12/31/2012 06:33:29 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5351

Error: (12/31/2012 06:33:29 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.4.0)
Ask Toolbar Updater (Version: 1.2.2.23821)
Atheros Client Installation Program (Version: 9.0)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.29)
ATI Catalyst Install Manager (Version: 3.0.769.0)
Augmented Reality (Version: 1.0.0)
avast! Free Antivirus (Version: 7.0.1474.0)
AVG Security Toolbar (Version: 13.2.0.5)
Back to the Future The Game - Episode 3 (Version: 1.0.0.0)
Back to the Future The Game - Episode 4 (Version: 1.0.0.15)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0323.2153.37415)
Catalyst Control Center Graphics Full Existing (Version: 2010.0323.2153.37415)
Catalyst Control Center Graphics Full New (Version: 2010.0323.2153.37415)
Catalyst Control Center Graphics Light (Version: 2010.0323.2153.37415)
Catalyst Control Center Graphics Previews Common (Version: 2010.0323.2153.37415)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0323.2153.37415)
Catalyst Control Center InstallProxy (Version: 2010.0323.2153.37415)
Catalyst Control Center Localization All (Version: 2010.0323.2153.37415)
ccc-core-static (Version: 2010.0323.2153.37415)
ccc-utility64 (Version: 2010.0323.2153.37415)
CCC Help Chinese Standard (Version: 2010.0323.2152.37415)
CCC Help Chinese Traditional (Version: 2010.0323.2152.37415)
CCC Help Czech (Version: 2010.0323.2152.37415)
CCC Help Danish (Version: 2010.0323.2152.37415)
CCC Help Dutch (Version: 2010.0323.2152.37415)
CCC Help English (Version: 2010.0323.2152.37415)
CCC Help Finnish (Version: 2010.0323.2152.37415)
CCC Help French (Version: 2010.0323.2152.37415)
CCC Help German (Version: 2010.0323.2152.37415)
CCC Help Greek (Version: 2010.0323.2152.37415)
CCC Help Hungarian (Version: 2010.0323.2152.37415)
CCC Help Italian (Version: 2010.0323.2152.37415)
CCC Help Japanese (Version: 2010.0323.2152.37415)
CCC Help Korean (Version: 2010.0323.2152.37415)
CCC Help Norwegian (Version: 2010.0323.2152.37415)
CCC Help Polish (Version: 2010.0323.2152.37415)
CCC Help Portuguese (Version: 2010.0323.2152.37415)
CCC Help Russian (Version: 2010.0323.2152.37415)
CCC Help Spanish (Version: 2010.0323.2152.37415)
CCC Help Swedish (Version: 2010.0323.2152.37415)
CCC Help Thai (Version: 2010.0323.2152.37415)
CCC Help Turkish (Version: 2010.0323.2152.37415)
Coupon Companion (Version: 1.18.149.149)
Dell Resource CD (Version: 1.00.0000)
Dell Touchpad (Version: 7.1107.101.202)
Dell Wireless Driver Installation (Version: 8.0)
Digital Line Detect (Version: 1.21)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Fairway™
Funmoods on IE and Chrome
Google Chrome (Version: 23.0.1271.97)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
iCloud (Version: 2.1.0.39)
IMVU Avatar Chat Software
iTunes (Version: 11.0.0.163)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
JavaFX 2.1.1 (Version: 2.1.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MediaGet (Version: )
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft Zoo Tycoon
Modem Diagnostic Tool (Version: 1.0.28.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
MP3 Rocket
Mystery Case Files®: Escape from Ravenhearst™
Netwaiting (Version: 2.5.59)
Origin (Version: 8.3.1.9)
PhotoScape
Portal
PowerISO (Version: 4.8)
Psychonauts
QuickTime (Version: 7.73.80.64)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
Realtek High Definition Audio Driver (Version: 6.0.1.6110)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30109)
RealUpgrade 1.1 (Version: 1.1.0)
RollerCoaster Tycoon 2
RollerCoaster Tycoon 2: Wacky Worlds
Roxio Burn (Version: 1.01)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
StartNow Toolbar (Version: 2.3.0)
SUPERAntiSpyware (Version: 5.5.1012)
The Sims™ 3 (Version: 1.42.130)
The Sims™ 3 Late Night (Version: 6.0.81)
WIDCOMM Bluetooth Software (Version: 6.2.0.9603)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 3835.82 MB
Available physical RAM: 2273.03 MB
Total Pagefile: 7669.78 MB
Available Pagefile: 5746.8 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.93 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.09 GB) (Free:47.16 GB) NTFS
4 Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
5 Drive g: (CRUZER) (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT

========================= Users: ========================================

User accounts for \\KIMS-PC

Administrator Guest Kim's


**** End of log ****


03:29:44.0888 5424 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
03:29:45.0223 5424 ============================================================
03:29:45.0223 5424 Current date / time: 2013/01/05 03:29:45.0223
03:29:45.0223 5424 SystemInfo:
03:29:45.0223 5424
03:29:45.0223 5424 OS Version: 6.1.7600 ServicePack: 0.0
03:29:45.0223 5424 Product type: Workstation
03:29:45.0223 5424 ComputerName: KIMS-PC
03:29:45.0223 5424 UserName: Kim's
03:29:45.0223 5424 Windows directory: C:\Windows
03:29:45.0223 5424 System windows directory: C:\Windows
03:29:45.0223 5424 Running under WOW64
03:29:45.0223 5424 Processor architecture: Intel x64
03:29:45.0223 5424 Number of processors: 2
03:29:45.0228 5424 Page size: 0x1000
03:29:45.0228 5424 Boot type: Normal boot
03:29:45.0228 5424 ============================================================
03:29:46.0984 5424 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:29:47.0054 5424 Drive \Device\Harddisk1\DR1 - Size: 0x773FFE00 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
03:29:47.0054 5424 ============================================================
03:29:47.0054 5424 \Device\Harddisk0\DR0:
03:29:47.0064 5424 MBR partitions:
03:29:47.0064 5424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
03:29:47.0064 5424 \Device\Harddisk1\DR1:
03:29:47.0064 5424 MBR partitions:
03:29:47.0064 5424 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x81, BlocksNum 0x3B9D3F
03:29:47.0064 5424 ============================================================
03:29:47.0089 5424 C: <-> \Device\Harddisk0\DR0\Partition1
03:29:47.0089 5424 ============================================================
03:29:47.0089 5424 Initialize success
03:29:47.0089 5424 ============================================================
03:30:25.0949 6032 ============================================================
03:30:25.0949 6032 Scan started
03:30:25.0949 6032 Mode: Manual; TDLFS;
03:30:25.0949 6032 ============================================================
03:30:26.0639 6032 ================ Scan system memory ========================
03:30:26.0639 6032 System memory - ok
03:30:26.0639 6032 ================ Scan services =============================
03:30:27.0800 6032 AmdK8 - ok
03:30:28.0005 6032 [ D212E021F43891FBD0669DD8457D455C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
03:30:28.0130 6032 amdkmdag - ok
03:30:28.0180 6032 [ 1C2421393CDC5A97269109FB352DDF1A ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
03:30:28.0180 6032 amdkmdap - ok
03:30:28.0200 6032 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
03:30:28.0200 6032 AmdPPM - ok
03:30:28.0235 6032 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
03:30:28.0240 6032 amdsata - ok
03:30:28.0270 6032 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
03:30:28.0275 6032 amdsbs - ok
03:30:28.0300 6032 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
03:30:28.0305 6032 amdxata - ok
03:30:28.0345 6032 [ 98449A2957778A6F025C418438A380F4 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
03:30:28.0350 6032 ApfiltrService - ok
03:30:28.0390 6032 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
03:30:28.0395 6032 AppID - ok
03:30:28.0415 6032 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
03:30:28.0420 6032 AppIDSvc - ok
03:30:28.0430 6032 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
03:30:28.0435 6032 Appinfo - ok
03:30:28.0530 6032 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
03:30:28.0535 6032 Apple Mobile Device - ok
03:30:28.0570 6032 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
03:30:28.0575 6032 arc - ok
03:30:28.0595 6032 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
03:30:28.0600 6032 arcsas - ok
03:30:28.0670 6032 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
03:30:28.0670 6032 aswFsBlk - ok
03:30:28.0735 6032 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
03:30:28.0740 6032 aswMonFlt - ok
03:30:28.0816 6032 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
03:30:28.0821 6032 aswRdr - ok
03:30:28.0866 6032 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
03:30:28.0881 6032 aswSnx - ok
03:30:28.0961 6032 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
03:30:28.0966 6032 aswSP - ok
03:30:28.0986 6032 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
03:30:28.0986 6032 aswTdi - ok
03:30:29.0021 6032 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
03:30:29.0026 6032 AsyncMac - ok
03:30:29.0041 6032 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
03:30:29.0041 6032 atapi - ok
03:30:29.0156 6032 [ F8633CDD09647A64EE8DB550630427FF ] athr C:\Windows\system32\DRIVERS\athrx.sys
03:30:29.0186 6032 athr - ok
03:30:29.0236 6032 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
03:30:29.0236 6032 AtiPcie - ok
03:30:29.0291 6032 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
03:30:29.0306 6032 AudioEndpointBuilder - ok
03:30:29.0326 6032 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
03:30:29.0336 6032 AudioSrv - ok
03:30:29.0416 6032 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
03:30:29.0421 6032 avast! Antivirus - ok
03:30:29.0496 6032 [ BFD698CC6E1DE2E0D23155DECC513D2F ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
03:30:29.0501 6032 avgtp - ok
03:30:29.0546 6032 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
03:30:29.0551 6032 AxInstSV - ok
03:30:29.0601 6032 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
03:30:29.0611 6032 b06bdrv - ok
03:30:29.0656 6032 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
03:30:29.0661 6032 b57nd60a - ok
03:30:29.0706 6032 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
03:30:29.0711 6032 BDESVC - ok
03:30:29.0731 6032 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
03:30:29.0731 6032 Beep - ok
03:30:29.0786 6032 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
03:30:29.0801 6032 BFE - ok
03:30:29.0856 6032 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
03:30:29.0876 6032 BITS - ok
03:30:29.0916 6032 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
03:30:29.0921 6032 blbdrive - ok
03:30:29.0961 6032 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
03:30:29.0971 6032 Bonjour Service - ok
03:30:30.0041 6032 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
03:30:30.0046 6032 bowser - ok
03:30:30.0076 6032 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
03:30:30.0081 6032 BrFiltLo - ok
03:30:30.0091 6032 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
03:30:30.0096 6032 BrFiltUp - ok
03:30:30.0156 6032 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
03:30:30.0161 6032 Browser - ok
03:30:30.0196 6032 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
03:30:30.0201 6032 Brserid - ok
03:30:30.0231 6032 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
03:30:30.0231 6032 BrSerWdm - ok
03:30:30.0246 6032 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
03:30:30.0246 6032 BrUsbMdm - ok
03:30:30.0271 6032 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
03:30:30.0281 6032 BrUsbSer - ok
03:30:30.0311 6032 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
03:30:30.0311 6032 BthEnum - ok
03:30:30.0331 6032 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
03:30:30.0336 6032 BTHMODEM - ok
03:30:30.0356 6032 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
03:30:30.0361 6032 BthPan - ok
03:30:30.0396 6032 [ A51FA9D0E85D5ADABEF72E67F386309C ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
03:30:30.0411 6032 BTHPORT - ok
03:30:30.0446 6032 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
03:30:30.0451 6032 bthserv - ok
03:30:30.0481 6032 [ F740B9A16B2C06700F2130E19986BF3B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
03:30:30.0481 6032 BTHUSB - ok
03:30:30.0531 6032 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
03:30:30.0536 6032 btwaudio - ok
03:30:30.0561 6032 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
03:30:30.0566 6032 btwavdt - ok
03:30:30.0646 6032 [ 6DDE1E97BE4D50253DFB9090A6A62524 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
03:30:30.0666 6032 btwdins - ok
03:30:30.0686 6032 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
03:30:30.0691 6032 btwl2cap - ok
03:30:30.0701 6032 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
03:30:30.0706 6032 btwrchid - ok
03:30:30.0736 6032 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
03:30:30.0741 6032 cdfs - ok
03:30:30.0786 6032 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
03:30:30.0791 6032 cdrom - ok
03:30:30.0826 6032 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
03:30:30.0831 6032 CertPropSvc - ok
03:30:30.0871 6032 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
03:30:30.0871 6032 circlass - ok
03:30:30.0896 6032 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
03:30:30.0906 6032 CLFS - ok
03:30:30.0971 6032 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:30:30.0981 6032 clr_optimization_v2.0.50727_32 - ok
03:30:31.0026 6032 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
03:30:31.0031 6032 clr_optimization_v2.0.50727_64 - ok
03:30:31.0091 6032 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
03:30:31.0096 6032 CmBatt - ok
03:30:31.0111 6032 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
03:30:31.0111 6032 cmdide - ok
03:30:31.0171 6032 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
03:30:31.0181 6032 CNG - ok
03:30:31.0226 6032 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
03:30:31.0226 6032 Compbatt - ok
03:30:31.0266 6032 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
03:30:31.0271 6032 CompositeBus - ok
03:30:31.0286 6032 COMSysApp - ok
03:30:31.0311 6032 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
03:30:31.0316 6032 crcdisk - ok
03:30:31.0391 6032 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
03:30:31.0396 6032 CryptSvc - ok
03:30:31.0451 6032 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
03:30:31.0466 6032 DcomLaunch - ok
03:30:31.0511 6032 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
03:30:31.0516 6032 defragsvc - ok
03:30:31.0586 6032 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
03:30:31.0591 6032 DfsC - ok
03:30:31.0626 6032 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
03:30:31.0636 6032 Dhcp - ok
03:30:31.0671 6032 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
03:30:31.0676 6032 discache - ok
03:30:31.0711 6032 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
03:30:31.0716 6032 Disk - ok
03:30:31.0787 6032 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
03:30:31.0792 6032 Dnscache - ok
03:30:31.0847 6032 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
03:30:31.0857 6032 dot3svc - ok
03:30:31.0867 6032 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
03:30:31.0877 6032 DPS - ok
03:30:31.0912 6032 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
03:30:31.0912 6032 drmkaud - ok
03:30:31.0972 6032 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
03:30:31.0987 6032 DXGKrnl - ok
03:30:32.0032 6032 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
03:30:32.0037 6032 EapHost - ok
03:30:32.0142 6032 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
03:30:32.0242 6032 ebdrv - ok
03:30:32.0312 6032 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
03:30:32.0317 6032 EFS - ok
03:30:32.0397 6032 [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr C:\Windows\ehome\ehRecvr.exe
03:30:32.0412 6032 ehRecvr - ok
03:30:32.0432 6032 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
03:30:32.0437 6032 ehSched - ok
03:30:32.0487 6032 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
03:30:32.0502 6032 elxstor - ok
03:30:32.0527 6032 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
03:30:32.0532 6032 ErrDev - ok
03:30:32.0587 6032 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
03:30:32.0597 6032 EventSystem - ok
03:30:32.0632 6032 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
03:30:32.0637 6032 exfat - ok
03:30:32.0667 6032 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
03:30:32.0672 6032 fastfat - ok
03:30:32.0722 6032 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
03:30:32.0747 6032 Fax - ok
03:30:32.0767 6032 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
03:30:32.0842 6032 fdc - ok
03:30:33.0012 6032 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
03:30:33.0017 6032 fdPHost - ok
03:30:33.0032 6032 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
03:30:33.0037 6032 FDResPub - ok
03:30:33.0087 6032 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
03:30:33.0087 6032 FileInfo - ok
03:30:33.0107 6032 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
03:30:33.0112 6032 Filetrace - ok
03:30:33.0147 6032 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
03:30:33.0152 6032 flpydisk - ok
03:30:33.0212 6032 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
03:30:33.0222 6032 FltMgr - ok
03:30:33.0287 6032 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
03:30:33.0307 6032 FontCache - ok
03:30:33.0357 6032 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:30:33.0362 6032 FontCache3.0.0.0 - ok
03:30:33.0392 6032 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
03:30:33.0397 6032 FsDepends - ok
03:30:33.0452 6032 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
03:30:33.0452 6032 Fs_Rec - ok
03:30:33.0492 6032 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
03:30:33.0497 6032 fvevol - ok
03:30:33.0527 6032 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
03:30:33.0527 6032 gagp30kx - ok
03:30:33.0592 6032 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
03:30:33.0592 6032 GEARAspiWDM - ok
03:30:33.0637 6032 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
03:30:33.0652 6032 gpsvc - ok
03:30:33.0722 6032 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:30:33.0727 6032 gupdate - ok
03:30:33.0752 6032 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:30:33.0757 6032 gupdatem - ok
03:30:33.0787 6032 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
03:30:33.0792 6032 hcw85cir - ok
03:30:33.0822 6032 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
03:30:33.0832 6032 HdAudAddService - ok
03:30:33.0862 6032 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
03:30:33.0862 6032 HDAudBus - ok
03:30:33.0887 6032 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
03:30:33.0887 6032 HidBatt - ok
03:30:33.0912 6032 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
03:30:33.0917 6032 HidBth - ok
03:30:33.0952 6032 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
03:30:33.0952 6032 HidIr - ok
03:30:33.0982 6032 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
03:30:33.0987 6032 hidserv - ok
03:30:34.0032 6032 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
03:30:34.0032 6032 HidUsb - ok
03:30:34.0067 6032 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
03:30:34.0077 6032 hkmsvc - ok
03:30:34.0097 6032 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
03:30:34.0102 6032 HomeGroupListener - ok
03:30:34.0137 6032 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
03:30:34.0147 6032 HomeGroupProvider - ok
03:30:34.0177 6032 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
03:30:34.0182 6032 HpSAMD - ok
03:30:34.0232 6032 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
03:30:34.0247 6032 HTTP - ok
03:30:34.0272 6032 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
03:30:34.0272 6032 hwpolicy - ok
03:30:34.0322 6032 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
03:30:34.0327 6032 i8042prt - ok
03:30:34.0367 6032 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
03:30:34.0377 6032 iaStorV - ok
03:30:34.0442 6032 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
03:30:34.0457 6032 idsvc - ok
03:30:34.0497 6032 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
03:30:34.0502 6032 iirsp - ok
03:30:34.0557 6032 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
03:30:34.0577 6032 IKEEXT - ok
03:30:34.0692 6032 [ 30CE3B186D3F661050BE6FED23D842BA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
03:30:34.0717 6032 IntcAzAudAddService - ok
03:30:34.0727 6032 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
03:30:34.0732 6032 intelide - ok
03:30:34.0772 6032 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
03:30:34.0777 6032 intelppm - ok
03:30:34.0812 6032 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
03:30:34.0817 6032 IPBusEnum - ok
03:30:34.0842 6032 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:30:34.0847 6032 IpFilterDriver - ok
03:30:34.0877 6032 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
03:30:34.0897 6032 iphlpsvc - ok
03:30:34.0912 6032 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
03:30:34.0932 6032 IPMIDRV - ok
03:30:34.0957 6032 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
03:30:34.0957 6032 IPNAT - ok
03:30:35.0027 6032 [ B474C756C13960793C7583B766F904C4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
03:30:35.0047 6032 iPod Service - ok
03:30:35.0087 6032 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
03:30:35.0087 6032 IRENUM - ok
03:30:35.0117 6032 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
03:30:35.0117 6032 isapnp - ok
03:30:35.0137 6032 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
03:30:35.0142 6032 iScsiPrt - ok
03:30:35.0162 6032 [ CC1E48A7B7C29FE97BAC482DAB69A14D ] itecir C:\Windows\system32\DRIVERS\itecir.sys
03:30:35.0167 6032 itecir - ok
03:30:35.0202 6032 [ 7DBAFE10C1B777305C80BEA42FBDA710 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
03:30:35.0202 6032 k57nd60a - ok
03:30:35.0242 6032 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
03:30:35.0247 6032 kbdclass - ok
03:30:35.0272 6032 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
03:30:35.0272 6032 kbdhid - ok
03:30:35.0287 6032 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
03:30:35.0297 6032 KeyIso - ok
03:30:35.0362 6032 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
03:30:35.0362 6032 KSecDD - ok
03:30:35.0387 6032 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
03:30:35.0392 6032 KSecPkg - ok
03:30:35.0422 6032 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
03:30:35.0427 6032 ksthunk - ok
03:30:35.0467 6032 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
03:30:35.0482 6032 KtmRm - ok
03:30:35.0512 6032 [ 9DDC68B87A9B837736A2B193EE14A4A5 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
03:30:35.0512 6032 L1C - ok
03:30:35.0587 6032 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
03:30:35.0602 6032 LanmanServer - ok
03:30:35.0632 6032 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
03:30:35.0647 6032 LanmanWorkstation - ok
03:30:35.0682 6032 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
03:30:35.0687 6032 lltdio - ok
03:30:35.0722 6032 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
03:30:35.0732 6032 lltdsvc - ok
03:30:35.0757 6032 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
03:30:35.0762 6032 lmhosts - ok
03:30:35.0817 6032 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
03:30:35.0822 6032 LSI_FC - ok
03:30:35.0837 6032 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
03:30:35.0842 6032 LSI_SAS - ok
03:30:35.0862 6032 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
03:30:35.0867 6032 LSI_SAS2 - ok
03:30:35.0892 6032 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
03:30:35.0897 6032 LSI_SCSI - ok
03:30:35.0927 6032 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
03:30:35.0927 6032 luafv - ok
03:30:35.0997 6032 [ 922CBAC7B992B9614CAB7122F4BF9406 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
03:30:36.0002 6032 ManyCam - ok
03:30:36.0067 6032 [ 34A42DD7CF525D0D2C5232916496E4B8 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
03:30:36.0067 6032 mcaudrv_simple - ok
03:30:36.0107 6032 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
03:30:36.0117 6032 Mcx2Svc - ok
03:30:36.0142 6032 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
03:30:36.0147 6032 megasas - ok
03:30:36.0182 6032 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
03:30:36.0192 6032 MegaSR - ok
03:30:36.0222 6032 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
03:30:36.0232 6032 MMCSS - ok
03:30:36.0252 6032 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
03:30:36.0257 6032 Modem - ok
03:30:36.0297 6032 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
03:30:36.0297 6032 monitor - ok
03:30:36.0322 6032 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
03:30:36.0322 6032 mouclass - ok
03:30:36.0362 6032 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
03:30:36.0367 6032 mouhid - ok
03:30:36.0392 6032 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
03:30:36.0397 6032 mountmgr - ok
03:30:36.0487 6032 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
03:30:36.0492 6032 MozillaMaintenance - ok
03:30:36.0537 6032 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
03:30:36.0542 6032 mpio - ok
03:30:36.0557 6032 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
03:30:36.0562 6032 mpsdrv - ok
03:30:36.0617 6032 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
03:30:36.0642 6032 MpsSvc - ok
03:30:36.0667 6032 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
03:30:36.0677 6032 MRxDAV - ok
03:30:36.0737 6032 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
03:30:36.0742 6032 mrxsmb - ok
03:30:36.0762 6032 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:30:36.0767 6032 mrxsmb10 - ok
03:30:36.0793 6032 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:30:36.0798 6032 mrxsmb20 - ok
03:30:36.0813 6032 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
03:30:36.0813 6032 msahci - ok
03:30:36.0838 6032 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
03:30:36.0843 6032 msdsm - ok
03:30:36.0868 6032 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
03:30:36.0878 6032 MSDTC - ok
03:30:36.0908 6032 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
03:30:36.0913 6032 Msfs - ok
03:30:36.0933 6032 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
03:30:36.0938 6032 mshidkmdf - ok
03:30:36.0953 6032 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
03:30:36.0958 6032 msisadrv - ok
03:30:37.0008 6032 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
03:30:37.0018 6032 MSiSCSI - ok
03:30:37.0038 6032 msiserver - ok
03:30:37.0068 6032 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
03:30:37.0068 6032 MSKSSRV - ok
03:30:37.0098 6032 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
03:30:37.0098 6032 MSPCLOCK - ok
03:30:37.0108 6032 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
03:30:37.0108 6032 MSPQM - ok
03:30:37.0138 6032 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
03:30:37.0143 6032 MsRPC - ok
03:30:37.0163 6032 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
03:30:37.0163 6032 mssmbios - ok
03:30:37.0178 6032 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
03:30:37.0183 6032 MSTEE - ok
03:30:37.0188 6032 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
03:30:37.0188 6032 MTConfig - ok
03:30:37.0228 6032 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
03:30:37.0228 6032 Mup - ok
03:30:37.0258 6032 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
03:30:37.0268 6032 napagent - ok
03:30:37.0308 6032 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
03:30:37.0313 6032 NativeWifiP - ok
03:30:37.0343 6032 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
03:30:37.0353 6032 NDIS - ok
03:30:37.0373 6032 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
03:30:37.0378 6032 NdisCap - ok
03:30:37.0403 6032 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
03:30:37.0408 6032 NdisTapi - ok
03:30:37.0428 6032 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
03:30:37.0433 6032 Ndisuio - ok
03:30:37.0458 6032 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
03:30:37.0463 6032 NdisWan - ok
03:30:37.0478 6032 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
03:30:37.0483 6032 NDProxy - ok
03:30:37.0513 6032 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
03:30:37.0518 6032 NetBIOS - ok
03:30:37.0543 6032 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
03:30:37.0548 6032 NetBT - ok
03:30:37.0568 6032 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
03:30:37.0573 6032 Netlogon - ok
03:30:49.0006 6032 ============================================================
03:30:49.0006 6032 Scan finished
03:30:49.0011 6032 ============================================================
03:30:49.0046 5936 Detected object count: 0
03:30:49.0046 5936 Actual detected object count: 0

ESET:

C:\Program Files (x86)\Coupon Companion\Coupon Companion.dll Win32/Toolbar.CrossRider application cleaned by deleting (after the next restart) - quarantined
C:\Users\Kim's\Downloads\zoo tycoon setup.exe a variant of Win32/Soft32Downloader.B application cleaned by deleting - quarantined
C:\Users\Kim's\Videos\movies and tv\MediaGet2.exe a variant of Win32/MediaGet application cleaned by deleting - quarantined

Edited by Kim_K, 05 January 2013 - 07:05 PM.


#4 boopme


Posted 06 January 2013 - 02:42 PM

Hello, MediaGet is a software application that you use to download torrent files from the internet. The majority of these files come with malware.

You need to go to Start >> Control Panel >> Programs and Uninstall...

Ask Toolbar (Version: 1.15.4.0)
Ask Toolbar Updater (Version: 1.2.2.23821)
AVG Security Toolbar
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
MediaGet (Version: )
StartNow Toolbar (Version: 2.3.0)

Reboot


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, post new scan log and reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

#5 Kim_K


Posted 07 January 2013 - 03:07 AM

Hi

I followed your instructions and things didn't go well. First I uninstalled the programs you listed. When I uninstalled Ask Toolbar it took about 15 minutes to complete. Then I tried to uninstall MediaGet. I got a screen asking me to complete a survey and sorry to see me go. I waited 45 minutes but nothing seemed to happen. If I tried anything I got a message to wait for the current program to finish. Finally I used Task Manager to close the program. I was going to try to uninstall again but now MediaGet doesn't show on the list of programs. Did I uninstall it after all or did I really screw things up by closing the program? The rest of the programs uninstalled without issue.

Next I tried to run MBAM. It wasn't on my list of all programs under the start menu. It showed on the control panel. I searched and got mbam.exe --- setup. I clicked on it and it installed MBAM and updated it. I started a quick scan and the computer froze up after 20 seconds. I killed the power and restarted the computer. Now MBAM won't even start.

Finally, I can't get on bleepingcomputer.com. I'm typing this from another computer. When I start Internet Explorer it is very slow to load and I keep getting messages at the top of the screen that Internet Explorer isn't responding and bleepingcomputer.com isn't responding.

I also get a message when I start Internet Explorer from User Account Control asking if I will allow Java SE Runtime Environment 7 Update 9 to make changes to my computer. This is very close to the program you had me uninstall. This one doesn't show up in the control panel under the uninstall program list. If I click no, IE stops responding. I tried clicking yes once and the computer shut down.

Well, how about that. As I was typing this I had IE started on the problem computer. I had the user account screen up asking about Java so I could copy the message right. I clicked neither yes nor no. After about 10 minutes wait, IE started working and I got on bleepingcomputer.com. I closed IE and started it again. I get the user account screen. I can get on IE if I wait and don't respond to the user account screen.

Still can't run MBAM. It freezes after 18 seconds.

Thanks
Kim

Edit to add: I left the computer on overnight with MBAM running. It wasn't responding when I went to bed. When I got up it had completed the scan. It found 47 items. I clicked to remove and restarted the computer as directed. I tried to get on Internet Explorer. I still get the Java Runtime Environment 7 message. This time the computer froze up and I had to kill the power. I don't have time to mess with it now. When I get home from work I'll see if I can post the log.

Edited by Kim_K, 07 January 2013 - 09:01 AM.


#6 boopme


Posted 07 January 2013 - 01:59 PM

Sorry it's being difficult..

Some infections will also hijack the executable associations by adding an extension to HKCU\Software\Classes. This will override any settings in the HKLM\Software\Classes key.

Can you:
  • Download FixExec.exe to your desktop.
  • Double click on the downloaded file to run the fix.
  • When the program has finished, it will generate a log on the desktop called FixExec.txt.
  • Post the log in your next reply.

NOTE: If for any reason you're not able to execute FixExec.exe rename it to FixExec.com, FixExec.pif or FixExec.scr.



Try to fix MBAM

For Windows Vista and Windows 7:
  • First uninstall Malwarebytes' Anti-Malware using Programs and Features in Control Panel.
  • Restart the computer.
  • Download the mbam-clean.exe (MBAM Cleanup Utility) and save it to your Desktop.
  • Double-click on mbam-clean.exe to start the utility.
  • When the cleanup routine has finished, it will ask to reboot your computer. Please allow the reboot.
  • After the computer restarts, temporarily disable your Anti-Virus, then download and install the latest version of Malwarebytes' Anti-Malware (v1.46) from here.

-- If using the Pro version, you will need to reactivate the program using the license key you were sent. If using the free version, then just ignore that part.
-- Launch the program and set the Protection and Registration. Then go to the UPDATE tab and check for updates if not done during installation.
-- Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications.

How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security
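
The override described in post #6 can be inspected before running any fix. The script below is an added example, not part of the original thread and not FixExec's own code: a read-only check that shows whether the current user's HKCU\Software\Classes hive carries its own .exe, .com or .bat association. The stock ProgIDs and the stock open command it compares against are assumed Windows defaults.

```powershell
# Added example: read-only audit, nothing in the registry is changed.
# Assumption: stock Windows maps these extensions to these ProgIDs,
# and each ProgID's shell\open\command default value is "%1" %*
$stockProgId  = @{ '.exe' = 'exefile'; '.com' = 'comfile'; '.bat' = 'batfile' }
$stockCommand = '"%1" %*'
$hkcu = 'Registry::HKEY_CURRENT_USER\Software\Classes'
$hklm = 'Registry::HKEY_LOCAL_MACHINE\Software\Classes'

function Get-DefaultValue([string]$Path) {
    # Returns the (Default) value of a registry key, or $null if the key is absent.
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    (Get-Item -LiteralPath $Path).GetValue('')
}

$report = foreach ($ext in $stockProgId.Keys) {
    $userProgId    = Get-DefaultValue "$hkcu\$ext"
    $machineProgId = Get-DefaultValue "$hklm\$ext"
    # A per-user entry takes precedence over the machine-wide one.
    $effective = if ($userProgId) { $userProgId } else { $machineProgId }

    $userCmd    = if ($effective) { Get-DefaultValue "$hkcu\$effective\shell\open\command" }
    $machineCmd = if ($effective) { Get-DefaultValue "$hklm\$effective\shell\open\command" }
    $effectiveCmd = if ($userCmd) { $userCmd } else { $machineCmd }

    # New-Object PSObject keeps this usable on the PowerShell 2.0 shipped with Windows 7.
    New-Object PSObject -Property @{
        Extension        = $ext
        UserKeyPresent   = Test-Path -LiteralPath "$hkcu\$ext"
        EffectiveProgId  = $effective
        UserCommand      = $userCmd
        EffectiveCommand = $effectiveCmd
        # Flag anything that differs from the assumed stock values,
        # or any per-user open command at all.
        NeedsReview      = ($effective -ne $stockProgId[$ext]) -or
                           ($effectiveCmd -ne $stockCommand) -or
                           [bool]$userCmd
    }
}

$report | Sort-Object Extension | Format-List
```

A row with NeedsReview set to True shows which hive supplies the association, which is the condition the FixExec step is meant to reset.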

#7 Kim_K

Posted 07 January 2013 - 05:18 PM

Hi

Things are going better but there are still problems. I ran FixExec. Here is the log.

FixExec by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about FixExec can be found at this link:
http://www.bleepingcomputer.com/download/windows/utilities/fixexec

Program started at: 01/07/2013 03:43:53 PM in x64 mode.
Windows Version: Windows 7

Checking for processes to terminate before fixing executable associations.
* No processes found to kill.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.


Program finished at: 01/07/2013 03:44:00 PM
Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)

I followed your instructions for MBAM. It still won't run. The computer freezes up. Also I couldn't disable Avast. Anytime I try to run Avast the computer freezes up.

Kim

#8 boopme

Posted 07 January 2013 - 09:03 PM

Please Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Next.... Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


#9 Kim_K

Posted 08 January 2013 - 03:35 AM

Hi

I followed your directions. Here is the log from AdwCleaner.

# AdwCleaner v2.104 - Logfile created 01/08/2013 at 01:27:40
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Kim's - KIMS-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Kim's\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Updater Service for StartNow Toolbar

***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\Kim's\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Kim's\AppData\Local\APN
Folder Deleted : C:\Users\Kim's\AppData\Local\Babylon
Folder Deleted : C:\Users\Kim's\AppData\Local\Conduit
Folder Deleted : C:\Users\Kim's\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak
Folder Deleted : C:\Users\Kim's\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Kim's\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\StartNow Toolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2612669
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Funmoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

File : C:\Users\Kim's\AppData\Roaming\Mozilla\Firefox\Profiles\705pl0y2.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Kim's\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.52] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.55] : keyword = "search.conduit.com",
Deleted [l.58] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2[...]
Deleted [l.59] : suggest_url = "hxxp://search.conduit.com/",

*************************

AdwCleaner[S1].txt - [8212 octets] - [08/01/2013 01:27:40]

########## EOF - C:\AdwCleaner[S1].txt - [8272 octets] ##########

I downloaded aswMBR to my desktop. I double click and it takes a while to start. It doesn't ask to download Avast virus definitions. I click scan and it runs for a bit. Then the computer crashes. It has happened three times.

Kim

#10 boopme

Posted 08 January 2013 - 02:12 PM

Ugghh .. There must be a protected malware and we cannot see it. I think we should get a deeper look. Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.

#11 Kim_K

Posted 09 January 2013 - 06:03 PM

Hi Boopme

Thank you so much for your time. I've started the new topic as you said. I hope I get this worked out soon.

Thanks again
Kim

#12 boopme

Posted 09 January 2013 - 06:18 PM

Hi Kim, sorry we couldn't get it here, but we will there. They just need a day to analyze the logs and work up a fix.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 2 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.



