
ContinueToSave and PcPerformer - are these malwares/viruses on my computer?



#1 thebastianexperience

  • Members
  • 24 posts
  • Gender:Female
  • Location:Manila, Philippines
  • Local time:02:46 PM

Posted 10 February 2013 - 05:20 PM

hello BC team of experts,

i am experiencing performance issues with one of our computers here at home. it seems slow in loading my games online and local, loading apps, and at times in pulling up webpages. i just checked it now, and i don't know for sure if the main user of this computer removed the antivirus programs, but it seems like there isn't any installed here (i believe this had McAfee installed before, but i may be mistaken, it might be ESET or AVG, i am unsure because the main user is not available right now)...

i was just hired as tech support for one callcenter here, and i just recently learned about Malwarebytes and CCleaner. so i tried using them both. it seems like the performance is a bit better now, but it's really hard to tell with just a few minutes of using it since i did the clean up..

i checked the programs list and saw ContinueToSave - from BetterSoft and PcPerformer - from PerformerSoft LLC, i think both are malicious software but i am unsure.

Can one of your experts shed some light on these software? if it is necessary that i remove them?... actually i tried removing PcPerformer, but it said that it will not be removed because it had a missing file that needs to be reloaded, but the msg didn't come with instructions how to reload the missing file. hence both software are still in my programs list...

and i would like to know on what forum should i ask assistance about programs installed in my computer. because apart from these, i still have quite a few that i need to see if they are valid, or is there a program like that can detect suspicious or unnecessary programs and delete it automatically?..

thank you for all your help, so far, i have been reading tutorials here, it's TMI for me, whew! but still, very very much informative, i hope that when i start to work, the company would not block sites like this from our work computers! :)




 


#2 boopme

    To Insanity and Beyond


  • Global Moderator
  • 62,423 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:02:46 AM

Posted 10 February 2013 - 05:31 PM

Welcome ... let's scan and get some info.

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Please Download TDSSKiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.


ADW Cleaner

Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.



#3 thebastianexperience


Posted 10 February 2013 - 05:35 PM

hey there, thanks for getting back to me on this. here's the result of MiniToolBox:

MiniToolBox by Farbar  Version:10-01-2013
Ran by lenovo (administrator) on 11-02-2013 at 06:34:18
Running from "C:\Users\lenovo\Downloads"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set subinterface interface=?!) subinterface=ethernet_6 mtu=1477
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : lenovo-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.name
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 0A-A3-C4-0B-C6-4F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : domain.name
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 68-A3-C4-0B-C6-4F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c089:1b43:40ad:63c6%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.254.104(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, February 11, 2013 5:35:06 AM
   Lease Expires . . . . . . . . . . : Thursday, February 14, 2013 6:29:57 AM
   Default Gateway . . . . . . . . . : 192.168.254.254
   DHCP Server . . . . . . . . . . . : 192.168.254.254
   DHCPv6 IAID . . . . . . . . . . . : 342401988
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-1F-7A-81-1C-75-08-66-09-73
   DNS Servers . . . . . . . . . . . : 192.168.254.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 1C-75-08-66-09-73
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 90-00-4E-F4-83-A4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.domain.name:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2c43:399f:3f57:197(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2c43:399f:3f57:197%18(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.name
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter 6TO4 Adapter:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.254.254
 
Name:    google.com
Addresses:  2404:6800:4003:801::1008
      74.125.235.46
      74.125.235.32
      74.125.235.33
      74.125.235.34
      74.125.235.35
      74.125.235.36
      74.125.235.37
      74.125.235.38
      74.125.235.39
      74.125.235.40
      74.125.235.41
 
 
Pinging google.com [173.194.38.128] with 32 bytes of data:
Reply from 173.194.38.128: bytes=32 time=112ms TTL=51
Reply from 173.194.38.128: bytes=32 time=112ms TTL=51
 
Ping statistics for 173.194.38.128:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 112ms, Maximum = 112ms, Average = 112ms
Server:  UnKnown
Address:  192.168.254.254
 
Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=430ms TTL=47
Reply from 98.139.183.24: bytes=32 time=673ms TTL=47
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 430ms, Maximum = 673ms, Average = 551ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=17ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 5ms, Maximum = 17ms, Average = 11ms
===========================================================================
Interface List
 15...0a a3 c4 0b c6 4f ......Microsoft Virtual WiFi Miniport Adapter
 13...68 a3 c4 0b c6 4f ......Atheros AR9285 Wireless Network Adapter
 12...1c 75 08 66 09 73 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
 11...90 00 4e f4 83 a4 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254  192.168.254.104     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.254.0    255.255.255.0         On-link   192.168.254.104    281
  192.168.254.104  255.255.255.255         On-link   192.168.254.104    281
  192.168.254.255  255.255.255.255         On-link   192.168.254.104    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link   192.168.254.104    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link   192.168.254.104    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 18     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 18     58 2001::/32                On-link
 18    306 2001:0:9d38:953c:2c43:399f:3f57:197/128
                                    On-link
 13    281 fe80::/64                On-link
 18    306 fe80::/64                On-link
 18    306 fe80::2c43:399f:3f57:197/128
                                    On-link
 13    281 fe80::c089:1b43:40ad:63c6/128
                                    On-link
  1    306 ff00::/8                 On-link
 18    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/11/2013 05:36:22 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
 
 
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/11/2013 05:36:22 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/11/2013 05:36:22 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/11/2013 05:36:22 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (02/11/2013 05:36:12 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/11/2013 05:36:12 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (02/11/2013 05:36:12 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/11/2013 05:36:12 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/11/2013 05:36:12 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.
 
 
Details:
    0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
Error: (02/11/2013 05:36:12 AM) (Source: ESENT) (User: )
Description: Windows (3436) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS001BD.log.
 
 
System errors:
=============
Error: (02/11/2013 05:36:52 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (02/11/2013 05:36:22 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (02/11/2013 05:36:22 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (02/11/2013 05:36:12 AM) (Source: ipnathlp) (User: )
Description: 192.168.254.104192.168.137.0255.255.255.0
 
Error: (02/11/2013 05:36:11 AM) (Source: ipnathlp) (User: )
Description: 
 
Error: (02/11/2013 05:00:12 AM) (Source: ipnathlp) (User: )
Description: 192.168.254.104192.168.137.0255.255.255.0
 
Error: (02/11/2013 05:00:12 AM) (Source: ipnathlp) (User: )
Description: 
 
Error: (02/11/2013 00:58:12 AM) (Source: ipnathlp) (User: )
Description: 0
 
Error: (02/11/2013 00:57:56 AM) (Source: ipnathlp) (User: )
Description: 192.168.254.104192.168.137.0255.255.255.0
 
Error: (02/11/2013 00:57:54 AM) (Source: ipnathlp) (User: )
Description: 0
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2012-08-31 12:55:13.525
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-08-31 12:49:51.223
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player 11 Plugin (Version: 11.5.502.149)
Adobe Photoshop CS (Version: CS)
Adobe Reader 9.1 (Version: 9.1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Anti-phishing Domain Advisor (Version: 1.0.0.0)
Atheros Client Installation Program (Version: 7.0)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
AviSynth 2.5
BFlix Gadget (Version: 1.0)
CCleaner (Version: 3.27)
Conexant HD Audio (Version: 8.42.0.0)
continuetosave (Version: )
ContinueToSave (Version: 1.0)
ContinueToSave 1.74
CyberLink YouCam (Version: 3.0.1811.7429)
Energy Management (Version: 5.3.2.6)
ETDWare PS/2-X86 8.0.4.1_WHQL (Version: 8.0.4.1)
Garena - League of Legends PH (Version: 2011)
Garena Plus (Version: 2011)
GodsWar (Version: 1.01.53)
GodsWar Online (Version: 2.49.016)
Google Chrome (Version: 24.0.1312.57)
Google Update Helper (Version: 1.3.21.135)
Grand Chase version Grand Chase Season 4 : Chaos Zero Update (Version: Grand Chase Season 4 : Chaos Zero Update)
Haali Media Splitter
IGG Web3D Player version 1.0.0.38 (Version: 1.0.0.38)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
K-Lite Mega Codec Pack 5.9.0 (Version: 5.9.0)
Kalydo Player 4.11.00 (Version: 4.11.00)
LAV Filters 0.51.3 (Version: 0.51.3)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.3.0.7400)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee SiteAdvisor (Version: 3.6.187)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
neroxml (Version: 1.0.0)
Nokia Connectivity Cable Driver (Version: 7.1.32.64)
PC Performer (Version: 11.10)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10008)
Search Assistant SimpleSpeedy 1.74
Sothink Video Converter (Version: 3.6)
SProtector 1.46
Sun Broadband Wireless (Version: 16.001.06.04.256)
swMSM (Version: 12.0.0.1)
Total Immersion D'Fusion @Home Web Plug-In
Total Immersion D'Fusion Web Plugin
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
uTorrentBar Toolbar (Version: 6.6.0.19)
Vid-Saver (Version: 1.14.149.149)
VLC media player 1.0.2 (Version: 1.0.2)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinRAR archiver
Yahoo! Messenger
ZoneAlarm LTD Toolbar
 
========================= Memory info: ===================================
 
Percentage of memory in use: 58%
Total physical RAM: 2008.6 MB
Available physical RAM: 834.5 MB
Total Pagefile: 4017.2 MB
Available Pagefile: 2418.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.41 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:146.39 GB) (Free:53.59 GB) NTFS
2 Drive d: (backup) (Fixed) (Total:319.28 GB) (Free:288.25 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\LENOVO-PC
 
Administrator            Guest                    lenovo                   
 
 
**** End of log ****


#4 thebastianexperience


Posted 10 February 2013 - 05:39 PM

here's the result of the TDSSKiller:

06:36:44.0867 5636  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
06:36:45.0641 5636  ============================================================
06:36:45.0641 5636  Current date / time: 2013/02/11 06:36:45.0641
06:36:45.0641 5636  SystemInfo:
06:36:45.0641 5636  
06:36:45.0641 5636  OS Version: 6.1.7601 ServicePack: 1.0
06:36:45.0641 5636  Product type: Workstation
06:36:45.0642 5636  ComputerName: LENOVO-PC
06:36:45.0642 5636  UserName: lenovo
06:36:45.0642 5636  Windows directory: C:\Windows
06:36:45.0642 5636  System windows directory: C:\Windows
06:36:45.0642 5636  Processor architecture: Intel x86
06:36:45.0642 5636  Number of processors: 2
06:36:45.0642 5636  Page size: 0x1000
06:36:45.0642 5636  Boot type: Normal boot
06:36:45.0642 5636  ============================================================
06:36:47.0971 5636  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
06:36:48.0030 5636  ============================================================
06:36:48.0031 5636  \Device\Harddisk0\DR0:
06:36:48.0031 5636  MBR partitions:
06:36:48.0031 5636  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
06:36:48.0031 5636  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x124C6000
06:36:48.0031 5636  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x27E8D000
06:36:48.0031 5636  ============================================================
06:36:48.0083 5636  C: <-> \Device\Harddisk0\DR0\Partition2
06:36:48.0146 5636  D: <-> \Device\Harddisk0\DR0\Partition3
06:36:48.0200 5636  ============================================================
06:36:48.0200 5636  Initialize success
06:36:48.0200 5636  ============================================================
06:37:18.0993 5040  ============================================================
06:37:18.0993 5040  Scan started
06:37:18.0993 5040  Mode: Manual; TDLFS; 
06:37:18.0993 5040  ============================================================
06:37:19.0466 5040  ================ Scan system memory ========================
06:37:19.0466 5040  System memory - ok
06:37:19.0467 5040  ================ Scan services =============================
06:37:30.0297 5040  NetTcpPortSharing - ok
06:37:30.0329 5040  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
06:37:30.0331 5040  nfrd960 - ok
06:37:30.0435 5040  [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
06:37:30.0438 5040  NisDrv - ok
06:37:30.0492 5040  [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
06:37:30.0497 5040  NisSrv - ok
06:37:30.0529 5040  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
06:37:30.0541 5040  NlaSvc - ok
06:37:30.0629 5040  [ 712BC0C22BA00B2BA324C6B8DF668EE7 ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
06:37:30.0631 5040  nmwcd - ok
06:37:30.0671 5040  [ 025C54F9F8C8BC1894EA38529C742C54 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
06:37:30.0673 5040  nmwcdc - ok
06:37:30.0708 5040  [ 4F0DE685A96DC843CCC8A861B3FAC12D ] nmwcdnsu        C:\Windows\system32\drivers\nmwcdnsu.sys
06:37:30.0712 5040  nmwcdnsu - ok
06:37:30.0746 5040  [ 0E008FC4819D238C51D7C93E7B41E560 ] Npfltsvc        C:\Windows\system32\drivers\msrpc.sys
06:37:30.0749 5040  Npfltsvc - ok
06:37:30.0767 5040  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
06:37:30.0770 5040  Npfs - ok
06:37:30.0791 5040  npggsvc - ok
06:37:30.0821 5040  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
06:37:30.0826 5040  nsi - ok
06:37:30.0840 5040  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
06:37:30.0842 5040  nsiproxy - ok
06:37:30.0911 5040  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
06:37:30.0934 5040  Ntfs - ok
06:37:30.0962 5040  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
06:37:30.0963 5040  Null - ok
06:37:30.0981 5040  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
06:37:30.0984 5040  nvraid - ok
06:37:31.0016 5040  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
06:37:31.0019 5040  nvstor - ok
06:37:31.0040 5040  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
06:37:31.0043 5040  nv_agp - ok
06:37:31.0089 5040  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
06:37:31.0097 5040  odserv - ok
06:37:31.0116 5040  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
06:37:31.0118 5040  ohci1394 - ok
06:37:31.0155 5040  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:37:31.0166 5040  ose - ok
06:37:31.0216 5040  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
06:37:31.0226 5040  p2pimsvc - ok
06:37:31.0249 5040  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
06:37:31.0260 5040  p2psvc - ok
06:37:31.0289 5040  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
06:37:31.0291 5040  Parport - ok
06:37:31.0321 5040  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
06:37:31.0323 5040  partmgr - ok
06:37:31.0341 5040  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
06:37:31.0343 5040  Parvdm - ok
06:37:31.0363 5040  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
06:37:31.0368 5040  PcaSvc - ok
06:37:31.0379 5040  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
06:37:31.0382 5040  pci - ok
06:37:31.0418 5040  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
06:37:31.0420 5040  pciide - ok
06:37:31.0456 5040  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
06:37:31.0484 5040  pcmcia - ok
06:37:31.0505 5040  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
06:37:31.0507 5040  pcw - ok
06:37:31.0550 5040  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
06:37:31.0561 5040  PEAUTH - ok
06:37:31.0649 5040  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
06:37:31.0675 5040  pla - ok
06:37:31.0698 5040  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
06:37:31.0705 5040  PlugPlay - ok
06:37:31.0730 5040  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
06:37:31.0733 5040  PNRPAutoReg - ok
06:37:31.0750 5040  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
06:37:31.0753 5040  PNRPsvc - ok
06:37:31.0781 5040  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
06:37:31.0788 5040  PolicyAgent - ok
06:37:31.0824 5040  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
06:37:31.0829 5040  Power - ok
06:37:31.0850 5040  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
06:37:31.0852 5040  PptpMiniport - ok
06:37:31.0869 5040  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
06:37:31.0871 5040  Processor - ok
06:37:31.0904 5040  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
06:37:31.0908 5040  ProfSvc - ok
06:37:31.0920 5040  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
06:37:31.0922 5040  ProtectedStorage - ok
06:37:31.0949 5040  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
06:37:31.0952 5040  Psched - ok
06:37:31.0993 5040  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
06:37:32.0013 5040  ql2300 - ok
06:37:32.0049 5040  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
06:37:32.0051 5040  ql40xx - ok
06:37:32.0083 5040  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
06:37:32.0089 5040  QWAVE - ok
06:37:32.0104 5040  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
06:37:32.0106 5040  QWAVEdrv - ok
06:37:32.0120 5040  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
06:37:32.0121 5040  RasAcd - ok
06:37:32.0166 5040  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
06:37:32.0168 5040  RasAgileVpn - ok
06:37:32.0180 5040  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
06:37:32.0184 5040  RasAuto - ok
06:37:32.0212 5040  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
06:37:32.0214 5040  Rasl2tp - ok
06:37:32.0264 5040  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
06:37:32.0272 5040  RasMan - ok
06:37:32.0295 5040  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
06:37:32.0297 5040  RasPppoe - ok
06:37:32.0310 5040  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
06:37:32.0312 5040  RasSstp - ok
06:37:32.0329 5040  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
06:37:32.0333 5040  rdbss - ok
06:37:32.0357 5040  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
06:37:32.0359 5040  rdpbus - ok
06:37:32.0394 5040  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
06:37:32.0395 5040  RDPCDD - ok
06:37:32.0424 5040  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
06:37:32.0425 5040  RDPENCDD - ok
06:37:32.0438 5040  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
06:37:32.0439 5040  RDPREFMP - ok
06:37:32.0485 5040  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
06:37:32.0486 5040  RdpVideoMiniport - ok
06:37:32.0520 5040  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
06:37:32.0524 5040  RDPWD - ok
06:37:32.0614 5040  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
06:37:32.0619 5040  rdyboost - ok
06:37:32.0645 5040  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
06:37:32.0648 5040  RemoteAccess - ok
06:37:32.0679 5040  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
06:37:32.0683 5040  RemoteRegistry - ok
06:37:32.0723 5040  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
06:37:32.0727 5040  RFCOMM - ok
06:37:32.0750 5040  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
06:37:32.0756 5040  RpcEptMapper - ok
06:37:32.0775 5040  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
06:37:32.0779 5040  RpcLocator - ok
06:37:32.0806 5040  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
06:37:32.0811 5040  RpcSs - ok
06:37:32.0844 5040  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
06:37:32.0846 5040  rspndr - ok
06:37:32.0887 5040  [ 45449ACF2B9DD9278A40FCFB2DAA7969 ] RSUSBVSTOR      C:\Windows\system32\Drivers\RtsUVStor.sys
06:37:32.0891 5040  RSUSBVSTOR - ok
06:37:32.0919 5040  [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
06:37:32.0922 5040  RTL8167 - ok
06:37:32.0941 5040  [ CA5A4FBFE341F13733955B8AAC98F0B5 ] RTL8187B        C:\Windows\system32\DRIVERS\RTL8187B.sys
06:37:32.0946 5040  RTL8187B - ok
06:37:32.0965 5040  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
06:37:32.0967 5040  SamSs - ok
06:37:33.0012 5040  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
06:37:33.0014 5040  sbp2port - ok
06:37:33.0045 5040  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
06:37:33.0053 5040  SCardSvr - ok
06:37:33.0078 5040  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
06:37:33.0080 5040  scfilter - ok
06:37:33.0126 5040  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
06:37:33.0163 5040  Schedule - ok
06:37:33.0219 5040  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
06:37:33.0221 5040  SCPolicySvc - ok
06:37:33.0265 5040  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
06:37:33.0280 5040  SDRSVC - ok
06:37:33.0343 5040  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
06:37:33.0345 5040  secdrv - ok
06:37:33.0384 5040  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
06:37:33.0389 5040  seclogon - ok
06:37:33.0428 5040  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
06:37:33.0433 5040  SENS - ok
06:37:33.0502 5040  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
06:37:33.0508 5040  SensrSvc - ok
06:37:33.0524 5040  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
06:37:33.0526 5040  Serenum - ok
06:37:33.0570 5040  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
06:37:33.0574 5040  Serial - ok
06:37:33.0611 5040  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
06:37:33.0613 5040  sermouse - ok
06:37:33.0667 5040  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
06:37:33.0671 5040  SessionEnv - ok
06:37:33.0719 5040  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
06:37:33.0721 5040  sffdisk - ok
06:37:33.0752 5040  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
06:37:33.0754 5040  sffp_mmc - ok
06:37:33.0761 5040  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
06:37:33.0763 5040  sffp_sd - ok
06:37:33.0813 5040  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
06:37:33.0815 5040  sfloppy - ok
06:37:33.0856 5040  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
06:37:33.0863 5040  SharedAccess - ok
06:37:33.0931 5040  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:37:33.0942 5040  ShellHWDetection - ok
06:37:33.0979 5040  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
06:37:33.0982 5040  sisagp - ok
06:37:34.0016 5040  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
06:37:34.0018 5040  SiSRaid2 - ok
06:37:34.0045 5040  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
06:37:34.0048 5040  SiSRaid4 - ok
06:37:34.0067 5040  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
06:37:34.0069 5040  Smb - ok
06:37:34.0109 5040  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
06:37:34.0112 5040  SNMPTRAP - ok
06:37:34.0122 5040  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
06:37:34.0124 5040  spldr - ok
06:37:34.0180 5040  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
06:37:34.0187 5040  Spooler - ok
06:37:34.0287 5040  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
06:37:34.0371 5040  sppsvc - ok
06:37:34.0404 5040  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
06:37:34.0407 5040  sppuinotify - ok
06:37:34.0453 5040  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
06:37:34.0460 5040  srv - ok
06:37:34.0503 5040  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
06:37:34.0509 5040  srv2 - ok
06:37:34.0522 5040  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
06:37:34.0525 5040  srvnet - ok
06:37:34.0593 5040  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
06:37:34.0600 5040  SSDPSRV - ok
06:37:34.0622 5040  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
06:37:34.0627 5040  SstpSvc - ok
06:37:34.0653 5040  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
06:37:34.0655 5040  stexstor - ok
06:37:34.0705 5040  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
06:37:34.0718 5040  StiSvc - ok
06:37:34.0748 5040  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
06:37:34.0749 5040  swenum - ok
06:37:34.0772 5040  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
06:37:34.0779 5040  swprv - ok
06:37:34.0835 5040  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
06:37:34.0860 5040  SysMain - ok
06:37:34.0895 5040  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
06:37:34.0899 5040  TabletInputService - ok
06:37:34.0932 5040  [ 93260747EA752CA419E817F80E9A7262 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
06:37:34.0933 5040  taphss6 - ok
06:37:34.0964 5040  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
06:37:34.0970 5040  TapiSrv - ok
06:37:34.0992 5040  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
06:37:34.0996 5040  TBS - ok
06:37:35.0040 5040  [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
06:37:35.0059 5040  Tcpip - ok
06:37:35.0107 5040  [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
06:37:35.0115 5040  TCPIP6 - ok
06:37:35.0157 5040  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
06:37:35.0159 5040  tcpipreg - ok
06:37:35.0195 5040  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
06:37:35.0196 5040  TDPIPE - ok
06:37:35.0223 5040  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
06:37:35.0224 5040  TDTCP - ok
06:37:35.0266 5040  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
06:37:35.0268 5040  tdx - ok
06:37:35.0305 5040  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
06:37:35.0308 5040  TermDD - ok
06:37:35.0350 5040  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
06:37:35.0364 5040  TermService - ok
06:37:35.0399 5040  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
06:37:35.0403 5040  Themes - ok
06:37:35.0418 5040  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
06:37:35.0421 5040  THREADORDER - ok
06:37:35.0449 5040  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
06:37:35.0452 5040  TrkWks - ok
06:37:35.0512 5040  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
06:37:35.0517 5040  TrustedInstaller - ok
06:37:35.0566 5040  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
06:37:35.0568 5040  tssecsrv - ok
06:37:35.0613 5040  [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
06:37:35.0615 5040  TsUsbFlt - ok
06:37:35.0674 5040  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
06:37:35.0677 5040  tunnel - ok
06:37:35.0712 5040  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
06:37:35.0714 5040  uagp35 - ok
06:37:35.0744 5040  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
06:37:35.0750 5040  udfs - ok
06:37:35.0795 5040  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
06:37:35.0799 5040  UI0Detect - ok
06:37:35.0820 5040  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
06:37:35.0823 5040  uliagpkx - ok
06:37:35.0845 5040  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
06:37:35.0847 5040  umbus - ok
06:37:35.0876 5040  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
06:37:35.0877 5040  UmPass - ok
06:37:35.0909 5040  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
06:37:35.0915 5040  upnphost - ok
06:37:35.0962 5040  [ 78B74AF8727A28C128E164E9B53A5413 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
06:37:35.0964 5040  upperdev - ok
06:37:36.0014 5040  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
06:37:36.0016 5040  usbccgp - ok
06:37:36.0070 5040  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
06:37:36.0073 5040  usbcir - ok
06:37:36.0092 5040  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
06:37:36.0095 5040  usbehci - ok
06:37:36.0127 5040  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
06:37:36.0134 5040  usbhub - ok
06:37:36.0160 5040  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
06:37:36.0162 5040  usbohci - ok
06:37:36.0186 5040  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
06:37:36.0188 5040  usbprint - ok
06:37:36.0253 5040  [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser          C:\Windows\system32\drivers\usbser.sys
06:37:36.0255 5040  usbser - ok
06:37:36.0288 5040  [ B76D8039F5B595C4CA551B3D5DD15A98 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
06:37:36.0291 5040  UsbserFilt - ok
06:37:36.0306 5040  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:37:36.0309 5040  USBSTOR - ok
06:37:36.0326 5040  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
06:37:36.0327 5040  usbuhci - ok
06:37:36.0347 5040  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
06:37:36.0350 5040  usbvideo - ok
06:37:36.0376 5040  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
06:37:36.0379 5040  UxSms - ok
06:37:36.0399 5040  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
06:37:36.0401 5040  VaultSvc - ok
06:37:36.0426 5040  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
06:37:36.0428 5040  vdrvroot - ok
06:37:36.0472 5040  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
06:37:36.0485 5040  vds - ok
06:37:36.0507 5040  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
06:37:36.0508 5040  vga - ok
06:37:36.0517 5040  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
06:37:36.0519 5040  VgaSave - ok
06:37:36.0601 5040  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
06:37:36.0606 5040  vhdmp - ok
06:37:36.0628 5040  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
06:37:36.0631 5040  viaagp - ok
06:37:36.0644 5040  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
06:37:36.0646 5040  ViaC7 - ok
06:37:36.0671 5040  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
06:37:36.0672 5040  viaide - ok
06:37:36.0684 5040  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
06:37:36.0686 5040  volmgr - ok
06:37:36.0719 5040  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
06:37:36.0724 5040  volmgrx - ok
06:37:36.0739 5040  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
06:37:36.0743 5040  volsnap - ok
06:37:36.0776 5040  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
06:37:36.0779 5040  vsmraid - ok
06:37:36.0824 5040  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
06:37:36.0842 5040  VSS - ok
06:37:36.0861 5040  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
06:37:36.0862 5040  vwifibus - ok
06:37:36.0876 5040  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
06:37:36.0878 5040  vwififlt - ok
06:37:36.0911 5040  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
06:37:36.0912 5040  vwifimp - ok
06:37:36.0945 5040  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
06:37:36.0952 5040  W32Time - ok
06:37:36.0980 5040  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
06:37:36.0981 5040  WacomPen - ok
06:37:37.0016 5040  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
06:37:37.0017 5040  WANARP - ok
06:37:37.0022 5040  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
06:37:37.0023 5040  Wanarpv6 - ok
06:37:37.0107 5040  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
06:37:37.0132 5040  WatAdminSvc - ok
06:37:37.0211 5040  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
06:37:37.0234 5040  wbengine - ok
06:37:37.0265 5040  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
06:37:37.0270 5040  WbioSrvc - ok
06:37:37.0311 5040  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
06:37:37.0321 5040  wcncsvc - ok
06:37:37.0350 5040  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:37:37.0354 5040  WcsPlugInService - ok
06:37:37.0410 5040  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
06:37:37.0412 5040  Wd - ok
06:37:37.0467 5040  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
06:37:37.0479 5040  Wdf01000 - ok
06:37:37.0512 5040  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
06:37:37.0516 5040  WdiServiceHost - ok
06:37:37.0522 5040  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
06:37:37.0528 5040  WdiSystemHost - ok
06:37:37.0571 5040  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
06:37:37.0577 5040  WebClient - ok
06:37:37.0608 5040  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
06:37:37.0616 5040  Wecsvc - ok
06:37:37.0650 5040  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
06:37:37.0657 5040  wercplsupport - ok
06:37:37.0703 5040  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
06:37:37.0709 5040  WerSvc - ok
06:37:37.0741 5040  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
06:37:37.0743 5040  WfpLwf - ok
06:37:37.0787 5040  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
06:37:37.0790 5040  WIMMount - ok
06:37:37.0888 5040  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
06:37:37.0901 5040  WinDefend - ok
06:37:37.0910 5040  WinHttpAutoProxySvc - ok
06:37:37.0977 5040  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
06:37:37.0981 5040  Winmgmt - ok
06:37:38.0043 5040  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
06:37:38.0071 5040  WinRM - ok
06:37:38.0136 5040  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
06:37:38.0137 5040  WinUsb - ok
06:37:38.0187 5040  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
06:37:38.0206 5040  Wlansvc - ok
06:37:38.0240 5040  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
06:37:38.0241 5040  WmiAcpi - ok
06:37:38.0272 5040  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
06:37:38.0275 5040  wmiApSrv - ok
06:37:38.0338 5040  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
06:37:38.0359 5040  WMPNetworkSvc - ok
06:37:38.0382 5040  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
06:37:38.0386 5040  WPCSvc - ok
06:37:39.0993 5040  ============================================================
06:37:39.0993 5040  Scan finished
06:37:39.0993 5040  ============================================================
06:37:40.0011 3844  Detected object count: 0
06:37:40.0011 3844  Actual detected object count: 0


#5 thebastianexperience

Posted 10 February 2013 - 05:41 PM

here's the result of ADWCleaner:

 

 

# AdwCleaner v2.112 - Logfile created 02/11/2013 at 06:40:20
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : lenovo - LENOVO-PC
# Boot Mode : Normal
# Running from : C:\Users\lenovo\Downloads\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
File Found : C:\user.js
File Found : C:\Users\lenovo\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\pfki7gqa.default\searchplugins\WebSearch.xml
File Found : C:\Windows\Tasks\PC Performer_DEFAULT.job
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Smartdl
Folder Found : C:\Program Files\uTorrentBar
Folder Found : C:\ProgramData\Anti-phishing Domain Advisor
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\BetterSoft
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\lenovo\AppData\Local\Babylon
Folder Found : C:\Users\lenovo\AppData\Local\blekkotb
Folder Found : C:\Users\lenovo\AppData\Local\Conduit
Folder Found : C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\lenovo\AppData\Local\Ilivid Player
Folder Found : C:\Users\lenovo\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\lenovo\AppData\LocalLow\Conduit
Folder Found : C:\Users\lenovo\AppData\LocalLow\PriceGong
Folder Found : C:\Users\lenovo\AppData\LocalLow\searchquband
Folder Found : C:\Users\lenovo\AppData\LocalLow\uTorrentBar
Folder Found : C:\Users\lenovo\AppData\Roaming\Babylon
Folder Found : C:\Users\lenovo\AppData\Roaming\eType
Folder Found : C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\pfki7gqa.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Folder Found : C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\pfki7gqa.default\extensions\staged
Folder Found : C:\Users\lenovo\AppData\Roaming\PerformerSoft
Folder Found : C:\Users\lenovo\AppData\Roaming\yourfiledownloader
 
***** [Registry] *****
 
Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\contin~1\sprote~1.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\simple~1\sprote~1.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\sprote~1\sprote~1.dll
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\blekkotb
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\incredibar.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51C0AAAE-B4B2-19DC-48E8-65B91A873673}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51C0AAAE-B4B2-19DC-48E8-65B91A873673}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Found : HKCU\Software\PerformerSoft
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SProtector
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1232C1C5-1648-4E92-AB5D-FF5C595341E6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{51C0AAAE-B4B2-19DC-48E8-65B91A873673}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CEC70E4-AD85-41DB-BE63-FF2BBAF1137E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D77EACF2-17CE-41C8-85F6-C21A11BF4D91}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51C0AAAE-B4B2-19DC-48E8-65B91A873673}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1232C1C5-1648-4E92-AB5D-FF5C595341E6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SProtector
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Found : HKLM\Software\PerformerSoft
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\Tarma Installer
Key Found : HKLM\Software\uTorrentBar
Key Found : HKU\S-1-5-21-4191503082-593902595-2296002761-1002\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16457
 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.simplespeedy.info/
 
-\\ Mozilla Firefox v [Unable to get version]
 
File : C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\j33qo76k.default\prefs.js
 
[OK] File is clean.
 
File : C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\pfki7gqa.default\prefs.js
 
Found : user_pref("browser.search.defaultenginename", "WebSearch");
Found : user_pref("browser.search.defaultenginename,S", "WebSearch");
Found : user_pref("browser.search.defaulturl", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Found : user_pref("browser.search.order.1", "WebSearch");
Found : user_pref("browser.search.order.1,S", "WebSearch");
Found : user_pref("browser.search.selectedEngine", "WebSearch");
Found : user_pref("browser.search.selectedEngine,S", "WebSearch");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Found : user_pref("keyword.URL", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Found : user_pref("CT3220468.autoDisableScopes", -1);
Found : user_pref("browser.startup.homepage", "hxxp://websearch.simplespeedy.info/");
 
-\\ Google Chrome v24.0.1312.57
 
File : C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [10667 octets] - [11/02/2013 06:40:20]
 
########## EOF - C:\AdwCleaner[R1].txt - [10728 octets] ##########


#6 thebastianexperience

Posted 10 February 2013 - 06:52 PM

hello boopme! i have finished all but the ESET online scanner, this is taking quite some time to finish... by the way, should i be uninstalling the other programs you had me install or is it better to keep those programs here? and what can u say about the programs i have here, are they all legit?... thanks again! :)



#7 boopme

Posted 10 February 2013 - 07:00 PM

Go into Control Panel ..Programs.. Uninstall and remove these...

Adobe Reader 9.1 (Version: 9.1.0)
continuetosave (Version: )
ContinueToSave (Version: 1.0)
ContinueToSave 1.74

PcPerformer

 

Reboot

 

Now see if there are any add-ons left and uninstall them.

 

 

Run...
Junkware Removal Tool
  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 



#8 boopme

Posted 10 February 2013 - 07:02 PM

We will clean up when done. Looks like you are infecting yourself through torrent downloads.

Let ESET finish before doing the next instructions.



#9 thebastianexperience

Posted 10 February 2013 - 07:15 PM

i am still unable to remove the PcPerformer entry. i am at 35% on the ESET scan, should i wait for it to complete before rebooting?



#10 thebastianexperience

Posted 10 February 2013 - 07:22 PM

hmm, yeah, the main user of this computer does download from torrent a lot. i will definitely let him know and advise him to remove it.... thanks for letting me know that! :) by the way Boopme, when i tried clicking the link for junkremover tool, chrome indicated "the file appears malicious" ....

 

what can u tell me about:

1. avisynth 2.5

2. BFlix gadget

3. Haali media splitter

4. unity web player

5. vid-saver

are all these legit apps?



#11 boopme

Posted 10 February 2013 - 09:03 PM

Ok, let ESET finish.. You are making it slow when you do other things..

 

JRT is a tool we made here, so Chrome doesn't know it's safe.



#12 thebastianexperience

Posted 10 February 2013 - 09:08 PM

noted, will do. :)



#13 thebastianexperience

Posted 10 February 2013 - 09:14 PM

at last, it finished scanning. here's the result of the ESET online scan:

 

 

C:\Program Files\ContinueToSave\sprotector.dll    a variant of Win32/SProtector.A application    
C:\Users\All Users\continuetosave\5106345161812.dll    a variant of Win32/Adware.MultiPlug.I application    
C:\Users\All Users\OptimizerPro\runtime.dll    Win32/GenUpdater application    
C:\Program Files\SimpleSpeedy\sprotector.dll    a variant of Win32/SProtector.A application    cleaned by deleting (after the next restart) - quarantined
C:\Program Files\SProtector\sprotector.dll    Win32/SProtector application    cleaned by deleting (after the next restart) - quarantined
C:\Program Files\SProtector\uninstall.exe    Win32/SProtector application    cleaned by deleting - quarantined
C:\ProgramData\continuetosave\5106345161812.dll    a variant of Win32/Adware.MultiPlug.I application    cleaned by deleting (after the next restart) - quarantined
C:\ProgramData\OptimizerPro\runtime.dll    Win32/GenUpdater application    cleaned by deleting - quarantined
C:\Users\lenovo\AppData\Local\Temp\ping.exe    a variant of Win32/Toolbar.CrossRider.C application    cleaned by deleting - quarantined
C:\Users\lenovo\AppData\Local\Updater3491\Updater3491.exe    a variant of Win32/Toolbar.CrossRider.C application    cleaned by deleting - quarantined
C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\pfki7gqa.default\extensions\[email protected]\content\bg.js    Win32/Adware.MultiPlug.H application    cleaned by deleting - quarantined
C:\Users\lenovo\Downloads\avc-free.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Users\lenovo\Downloads\downloadmanager_Setup.exe    a variant of Win32/Adware.iBryte.D application    cleaned by deleting - quarantined
C:\Users\lenovo\Downloads\etypesetup (1).exe    a variant of Win32/Somoto.A application    cleaned by deleting - quarantined
C:\Users\lenovo\Downloads\etypesetup (2).exe    a variant of Win32/Somoto.A application    cleaned by deleting - quarantined
C:\Users\lenovo\Downloads\SoftonicDownloader_for_utorrent.exe    a variant of Win32/SoftonicDownloader.E application    cleaned by deleting - quarantined
C:\Users\lenovo\Downloads\Tomba_2_______TTB___iso (1).exe    Win32/Adware.1ClickDownload application    cleaned by deleting - quarantined
C:\Users\lenovo\Downloads\Update.exe    a variant of Win32/Toolbar.CrossRider.C application    cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VVNWU7HA\ApnIC[1].0    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
D:\application\ManyCam.exe    multiple threats    cleaned by deleting - quarantined
D:\application\nero\Toolbar.exe    Win32/Toolbar.AskSBar application    cleaned by deleting - quarantined
Operating memory    a variant of Win32/SProtector.A application    


#14 thebastianexperience

Posted 10 February 2013 - 09:24 PM

here's the result of the JRT:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Home Premium x86
Ran by lenovo on Mon 02/11/2013 at 10:19:10.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\anti-phishing domain advisor
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{7473b6bd-4691-4744-a82b-7854eb3d70b6} 
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} 
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] hkey_current_user\software\1clickdownload
Successfully deleted: [Registry Key] hkey_local_machine\software\babylon
Successfully deleted: [Registry Key] hkey_current_user\software\babylontoolbar
Successfully deleted: [Registry Key] hkey_local_machine\software\babylontoolbar
Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\cr_installer
Successfully deleted: [Registry Key] hkey_current_user\software\datamngr
Successfully deleted: [Registry Key] hkey_current_user\software\im
Successfully deleted: [Registry Key] hkey_local_machine\software\iminent
Successfully deleted: [Registry Key] hkey_current_user\software\iminstaller
Successfully deleted: [Registry Key] hkey_current_user\software\incredibar.com
Successfully deleted: [Registry Key] hkey_current_user\software\performersoft
Successfully deleted: [Registry Key] hkey_local_machine\software\performersoft
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\systweak
Successfully deleted: [Registry Key] hkey_local_machine\software\tarma installer
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\crossrider
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\pricegong
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\searchqutoolbar
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\utorrentbar
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\sprotector
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\toolbar
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibar_install_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibar_install_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key-Heur] HKEY_CLASSES_ROOT\CrossriderApp0003491.FBApi
Successfully deleted: [Registry Key-Heur] HKEY_CLASSES_ROOT\CrossriderApp0003491.FBApi.1
Successfully deleted: [Registry Key-Heur] HKEY_CLASSES_ROOT\CrossriderApp0003491.Sandbox
Successfully deleted: [Registry Key-Heur] HKEY_CLASSES_ROOT\CrossriderApp0003491.Sandbox.1
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0003491.FBApi
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0003491.FBApi.1
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0003491.Sandbox
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0003491.Sandbox.1
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2786678
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd22}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{bb74de59-bc4c-4172-9ac4-73315f71cffe}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{bb74de59-bc4c-4172-9ac4-73315f71cffe}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Windows\system32\roboot.exe"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\addict-thing"
Successfully deleted: [Folder] "C:\ProgramData\anti-phishing domain advisor"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\continuetosave"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\optimizerpro"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\lenovo\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\lenovo\AppData\Roaming\etype"
Successfully deleted: [Folder] "C:\Users\lenovo\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\lenovo\AppData\Roaming\registry mechanic"
Successfully deleted: [Folder] "C:\Users\lenovo\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\local\babylon"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\local\blekkotb"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\local\vid-saver"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\locallow\addict-thing"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\locallow\continuetosave"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\locallow\searchquband"
Successfully deleted: [Folder] "C:\Users\lenovo\appdata\locallow\utorrentbar"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\continuetosave"
Successfully deleted: [Folder] "C:\Program Files\openapp"
Successfully deleted: [Folder] "C:\Program Files\pc performer"
Successfully deleted: [Folder] "C:\Program Files\smartdl"
Successfully deleted: [Folder] "C:\Program Files\sprotector"
Successfully deleted: [Folder] "C:\Program Files\utorrentbar"
Successfully deleted: [Folder] "C:\Program Files\vid-saver"
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\lenovo\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Folder] C:\Users\lenovo\appdata\local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc
Successfully deleted: [Registry Key] hkey_current_user\software\google\chrome\extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\jplinpmadfkdgipabgcdchbdikologlh
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 02/11/2013 at 10:23:10.63
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#15 thebastianexperience

Posted 10 February 2013 - 09:28 PM

only add-ons left in chrome are:

1. vid-saver

2. site advisor.

 

in IE - i have

1. mcafee site advisor toolbar

2. mcafee site advisor BHO. 

3. groove GFS browser helper

4. Groove folder synch

5. research

6. send to one note

7. research

8. send to bluetooth

9. discuss

 

(all of which are disabled)





