
fbi ransomware



#1 Helpmefixthisplease


Posted 29 January 2013 - 12:24 PM

Running Windows Vista infected with FBI ransomware. When I try to open the infected user profile in safe mode, it executes a restart command into normal mode. It does this for safe mode and safe mode with networking. I can open safe mode with command prompt. All other user profiles open without issue. Ran Norton Power Eraser under a different administrator account yesterday. It found yhych eytig.exe and removed it; the problem still exists on my main user account. Thanks in advance for any help.


 


#2 narenxp


Posted 29 January 2013 - 01:39 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Helpmefixthisplease


Posted 29 January 2013 - 07:24 PM

Should I follow these instructions from the working admin profile, because the infected profile only shows the fake FBI screen?

#4 narenxp


Posted 29 January 2013 - 07:28 PM

Yes

#5 Helpmefixthisplease


Posted 29 January 2013 - 07:47 PM

19:37:54.0499 2216 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:37:56.0558 2216 ============================================================
19:37:56.0558 2216 Current date / time: 2013/01/29 19:37:56.0558
19:37:56.0558 2216 SystemInfo:
19:37:56.0558 2216
19:37:56.0558 2216 OS Version: 6.0.6002 ServicePack: 2.0
19:37:56.0558 2216 Product type: Workstation
19:37:56.0558 2216 ComputerName: HANDBASKET
19:37:56.0558 2216 UserName: No
19:37:56.0558 2216 Windows directory: C:\Windows
19:37:56.0558 2216 System windows directory: C:\Windows
19:37:56.0558 2216 Processor architecture: Intel x86
19:37:56.0558 2216 Number of processors: 2
19:37:56.0558 2216 Page size: 0x1000
19:37:56.0558 2216 Boot type: Normal boot
19:37:56.0558 2216 ============================================================
19:37:59.0288 2216 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:37:59.0351 2216 ============================================================
19:37:59.0351 2216 \Device\Harddisk0\DR0:
19:37:59.0351 2216 MBR partitions:
19:37:59.0351 2216 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x8B4A800
19:37:59.0351 2216 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9ED3000, BlocksNum 0x8B46000
19:37:59.0351 2216 ============================================================
19:37:59.0522 2216 C: <-> \Device\Harddisk0\DR0\Partition1
19:37:59.0647 2216 D: <-> \Device\Harddisk0\DR0\Partition2
19:37:59.0647 2216 ============================================================
19:37:59.0647 2216 Initialize success
19:37:59.0647 2216 ============================================================
19:38:17.0072 3680 ============================================================
19:38:17.0072 3680 Scan started
19:38:17.0072 3680 Mode: Manual; TDLFS;
19:38:17.0072 3680 ============================================================
19:38:20.0629 3680 ================ Scan system memory ========================
19:38:20.0629 3680 System memory - ok
19:38:53.0780 3680 N360 - ok
19:38:53.0936 3680 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
19:38:53.0952 3680 napagent - ok
19:38:54.0092 3680 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:38:54.0092 3680 NativeWifiP - ok
19:38:54.0217 3680 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130129.005\NAVENG.SYS
19:38:54.0217 3680 NAVENG - ok
19:38:55.0621 3680 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130129.005\NAVEX15.SYS
19:38:55.0995 3680 NAVEX15 - ok
19:38:56.0089 3680 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:38:56.0105 3680 NDIS - ok
19:38:56.0183 3680 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:38:56.0183 3680 NdisTapi - ok
19:38:56.0229 3680 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:38:56.0229 3680 Ndisuio - ok
19:38:56.0276 3680 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:38:56.0292 3680 NdisWan - ok
19:38:56.0354 3680 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:38:56.0354 3680 NDProxy - ok
19:38:56.0417 3680 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:38:56.0417 3680 NetBIOS - ok
19:38:56.0463 3680 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:38:56.0479 3680 netbt - ok
19:38:56.0495 3680 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
19:38:56.0495 3680 Netlogon - ok
19:38:56.0526 3680 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
19:38:56.0541 3680 Netman - ok
19:38:56.0619 3680 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:38:56.0682 3680 NetMsmqActivator - ok
19:38:56.0697 3680 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:38:56.0697 3680 NetPipeActivator - ok
19:38:56.0807 3680 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
19:38:56.0822 3680 netprofm - ok
19:38:56.0822 3680 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:38:56.0822 3680 NetTcpActivator - ok
19:38:56.0838 3680 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:38:56.0838 3680 NetTcpPortSharing - ok
19:38:56.0947 3680 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
19:38:57.0041 3680 NETw3v32 - ok
19:38:57.0072 3680 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:38:57.0072 3680 nfrd960 - ok
19:38:57.0119 3680 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:38:57.0134 3680 NlaSvc - ok
19:38:57.0181 3680 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:38:57.0181 3680 Npfs - ok
19:38:57.0228 3680 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
19:38:57.0228 3680 NSCIRDA - ok
19:38:57.0446 3680 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
19:38:57.0462 3680 nsi - ok
19:38:57.0555 3680 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:38:57.0555 3680 nsiproxy - ok
19:38:57.0665 3680 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:38:57.0711 3680 Ntfs - ok
19:38:57.0789 3680 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
19:38:57.0789 3680 NTIDrvr - ok
19:38:57.0821 3680 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:38:57.0821 3680 ntrigdigi - ok
19:38:57.0852 3680 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
19:38:57.0852 3680 Null - ok
19:38:57.0883 3680 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:38:57.0883 3680 nvraid - ok
19:38:57.0930 3680 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:38:57.0930 3680 nvstor - ok
19:38:57.0945 3680 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:38:57.0961 3680 nv_agp - ok
19:38:57.0961 3680 NwlnkFlt - ok
19:38:57.0977 3680 NwlnkFwd - ok
19:38:58.0070 3680 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:38:58.0070 3680 ohci1394 - ok
19:38:58.0195 3680 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:38:58.0211 3680 ose - ok
19:38:58.0616 3680 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:38:58.0897 3680 osppsvc - ok
19:38:59.0022 3680 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:38:59.0037 3680 p2pimsvc - ok
19:38:59.0053 3680 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
19:38:59.0069 3680 p2psvc - ok
19:38:59.0100 3680 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:38:59.0100 3680 Parport - ok
19:38:59.0193 3680 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:38:59.0209 3680 partmgr - ok
19:38:59.0240 3680 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:38:59.0240 3680 Parvdm - ok
19:38:59.0303 3680 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
19:38:59.0303 3680 PcaSvc - ok
19:38:59.0693 3680 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
19:38:59.0802 3680 pci - ok
19:38:59.0833 3680 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
19:38:59.0849 3680 pciide - ok
19:38:59.0864 3680 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:38:59.0864 3680 pcmcia - ok
19:38:59.0958 3680 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:39:00.0020 3680 PEAUTH - ok
19:39:00.0519 3680 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
19:39:00.0613 3680 pla - ok
19:39:00.0847 3680 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:39:00.0863 3680 PlugPlay - ok
19:39:01.0003 3680 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:39:01.0019 3680 PNRPAutoReg - ok
19:39:01.0159 3680 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:39:01.0175 3680 PNRPsvc - ok
19:39:01.0424 3680 [ 858D5D8DBE432B358CA2F9D534169CA1 ] Point32 C:\Windows\system32\DRIVERS\point32k.sys
19:39:01.0424 3680 Point32 - ok
19:39:01.0596 3680 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:39:01.0596 3680 PolicyAgent - ok
19:39:01.0970 3680 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:39:01.0970 3680 PptpMiniport - ok
19:39:02.0095 3680 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
19:39:02.0142 3680 Processor - ok
19:39:02.0189 3680 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
19:39:02.0189 3680 ProfSvc - ok
19:39:02.0204 3680 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:39:02.0204 3680 ProtectedStorage - ok
19:39:02.0267 3680 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:39:02.0267 3680 PSched - ok
19:39:02.0376 3680 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
19:39:02.0376 3680 PxHelp20 - ok
19:39:02.0672 3680 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:39:02.0797 3680 ql2300 - ok
19:39:02.0844 3680 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:39:02.0859 3680 ql40xx - ok
19:39:02.0984 3680 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:39:02.0984 3680 QWAVE - ok
19:39:03.0078 3680 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:39:03.0093 3680 QWAVEdrv - ok
19:39:03.0171 3680 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:39:03.0171 3680 RasAcd - ok
19:39:03.0265 3680 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:39:03.0265 3680 RasAuto - ok
19:39:03.0733 3680 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:39:03.0749 3680 Rasl2tp - ok
19:39:04.0045 3680 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
19:39:04.0045 3680 RasMan - ok
19:39:04.0419 3680 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:39:04.0435 3680 RasPppoe - ok
19:39:05.0106 3680 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:39:05.0106 3680 RasSstp - ok
19:39:05.0730 3680 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:39:05.0745 3680 rdbss - ok
19:39:05.0792 3680 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:39:05.0792 3680 RDPCDD - ok
19:39:05.0886 3680 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:39:05.0901 3680 rdpdr - ok
19:39:05.0964 3680 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:39:05.0964 3680 RDPENCDD - ok
19:39:06.0073 3680 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:39:06.0089 3680 RDPWD - ok
19:39:06.0245 3680 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:39:06.0245 3680 RemoteAccess - ok
19:39:06.0494 3680 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:39:06.0510 3680 RemoteRegistry - ok
19:39:06.0650 3680 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:39:06.0650 3680 RFCOMM - ok
19:39:06.0744 3680 [ 2DE0A33A7E58BEDC8D70B1940E0FFE28 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
19:39:06.0759 3680 RichVideo - ok
19:39:06.0853 3680 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:39:06.0853 3680 RpcLocator - ok
19:39:08.0101 3680 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
19:39:08.0117 3680 RpcSs - ok
19:39:09.0380 3680 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:39:09.0380 3680 rspndr - ok
19:39:09.0489 3680 [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
19:39:09.0489 3680 RTL8169 - ok
19:39:09.0536 3680 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
19:39:09.0536 3680 SamSs - ok
19:39:09.0567 3680 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:39:09.0599 3680 sbp2port - ok
19:39:09.0630 3680 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:39:09.0630 3680 SCardSvr - ok
19:39:09.0801 3680 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
19:39:09.0817 3680 Schedule - ok
19:39:10.0020 3680 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:39:10.0020 3680 SCPolicySvc - ok
19:39:10.0160 3680 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:39:10.0160 3680 sdbus - ok
19:39:10.0254 3680 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:39:10.0269 3680 SDRSVC - ok
19:39:10.0301 3680 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:39:10.0301 3680 secdrv - ok
19:39:10.0410 3680 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
19:39:10.0410 3680 seclogon - ok
19:39:10.0614 3680 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
19:39:10.0614 3680 SENS - ok
19:39:10.0676 3680 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:39:10.0676 3680 Serenum - ok
19:39:10.0801 3680 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:39:10.0801 3680 Serial - ok
19:39:10.0957 3680 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:39:10.0957 3680 sermouse - ok
19:39:11.0160 3680 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:39:11.0175 3680 SessionEnv - ok
19:39:11.0222 3680 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
19:39:11.0222 3680 sffdisk - ok
19:39:11.0269 3680 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:39:11.0284 3680 sffp_mmc - ok
19:39:11.0394 3680 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
19:39:11.0394 3680 sffp_sd - ok
19:39:11.0456 3680 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:39:11.0456 3680 sfloppy - ok
19:39:11.0550 3680 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:39:11.0550 3680 SharedAccess - ok
19:39:11.0596 3680 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:39:11.0596 3680 ShellHWDetection - ok
19:39:11.0643 3680 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:39:11.0643 3680 sisagp - ok
19:39:11.0659 3680 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:39:11.0674 3680 SiSRaid2 - ok
19:39:11.0721 3680 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:39:11.0721 3680 SiSRaid4 - ok
19:39:11.0971 3680 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:39:11.0971 3680 SkypeUpdate - ok
19:39:12.0189 3680 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
19:39:12.0376 3680 slsvc - ok
19:39:12.0454 3680 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:39:12.0454 3680 SLUINotify - ok
19:39:12.0517 3680 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:39:12.0517 3680 Smb - ok
19:39:12.0610 3680 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:39:12.0610 3680 SNMPTRAP - ok
19:39:12.0798 3680 [ 53D1E2ECBF26B313FFDD2B8BA3D2F66E ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
19:39:12.0954 3680 SNP2UVC - ok
19:39:13.0032 3680 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:39:13.0032 3680 spldr - ok
19:39:13.0172 3680 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
19:39:13.0188 3680 Spooler - ok
19:39:13.0827 3680 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\Windows\system32\drivers\N360\1402010.016\SRTSP.SYS
19:39:13.0983 3680 SRTSP - ok
19:39:14.0014 3680 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\Windows\system32\drivers\N360\1402010.016\SRTSPX.SYS
19:39:14.0014 3680 SRTSPX - ok
19:39:14.0077 3680 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:39:14.0092 3680 srv - ok
19:39:14.0170 3680 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:39:14.0170 3680 srv2 - ok
19:39:14.0389 3680 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:39:14.0389 3680 srvnet - ok
19:39:14.0576 3680 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:39:14.0576 3680 SSDPSRV - ok
19:39:14.0654 3680 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:39:14.0654 3680 SstpSvc - ok
19:39:14.0732 3680 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
19:39:14.0748 3680 stisvc - ok
19:39:14.0763 3680 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:39:14.0779 3680 swenum - ok
19:39:14.0888 3680 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
19:39:14.0904 3680 swprv - ok
19:39:15.0044 3680 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:39:15.0153 3680 Symc8xx - ok
19:39:15.0262 3680 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\Windows\system32\drivers\N360\1402010.016\SYMDS.SYS
19:39:15.0418 3680 SymDS - ok
19:39:16.0058 3680 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\Windows\system32\drivers\N360\1402010.016\SYMEFA.SYS
19:39:16.0339 3680 SymEFA - ok
19:39:16.0432 3680 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
19:39:16.0432 3680 SymEvent - ok
19:39:16.0557 3680 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\Windows\system32\drivers\N360\1402010.016\Ironx86.SYS
19:39:16.0557 3680 SymIRON - ok
19:39:16.0807 3680 [ 93DE018EC6FBAA9A58FF9F2EB9198092 ] SYMTDIv C:\Windows\system32\drivers\N360\1402010.016\SYMTDIV.SYS
19:39:17.0010 3680 SYMTDIv - ok
19:39:17.0072 3680 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:39:17.0072 3680 Sym_hi - ok
19:39:17.0103 3680 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:39:17.0103 3680 Sym_u3 - ok
19:39:17.0134 3680 [ F7A4250BB3E3AFCD4AF100E551509352 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:39:17.0134 3680 SynTP - ok
19:39:17.0212 3680 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
19:39:17.0244 3680 SysMain - ok
19:39:17.0337 3680 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:39:17.0353 3680 TabletInputService - ok
19:39:17.0930 3680 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:39:17.0946 3680 TapiSrv - ok
19:39:18.0086 3680 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:39:18.0102 3680 TBS - ok
19:39:18.0289 3680 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:39:18.0320 3680 Tcpip - ok
19:39:18.0429 3680 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:39:18.0445 3680 Tcpip6 - ok
19:39:18.0944 3680 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:39:18.0944 3680 tcpipreg - ok
19:39:19.0116 3680 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:39:19.0131 3680 TDPIPE - ok
19:39:19.0256 3680 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:39:19.0256 3680 TDTCP - ok
19:39:19.0693 3680 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:39:19.0708 3680 tdx - ok
19:39:20.0301 3680 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:39:20.0301 3680 TermDD - ok
19:39:20.0364 3680 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
19:39:20.0379 3680 TermService - ok
19:39:20.0426 3680 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
19:39:20.0442 3680 Themes - ok
19:39:20.0754 3680 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:39:20.0754 3680 THREADORDER - ok
19:39:20.0972 3680 [ 78213F01CE781F93180BEF5EB5B3AD81 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
19:39:21.0144 3680 tifm21 - ok
19:39:21.0222 3680 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:39:21.0222 3680 TrkWks - ok
19:39:21.0409 3680 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:39:21.0409 3680 TrustedInstaller - ok
19:39:21.0596 3680 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:39:21.0596 3680 tssecsrv - ok
19:39:21.0705 3680 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:39:21.0705 3680 tunmp - ok
19:39:21.0799 3680 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:39:21.0799 3680 tunnel - ok
19:39:21.0892 3680 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:39:21.0908 3680 uagp35 - ok
19:39:21.0970 3680 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:39:21.0986 3680 udfs - ok
19:39:22.0064 3680 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:39:22.0080 3680 UI0Detect - ok
19:39:22.0173 3680 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:39:22.0204 3680 uliagpkx - ok
19:39:22.0251 3680 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:39:22.0267 3680 uliahci - ok
19:39:22.0298 3680 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:39:22.0423 3680 UlSata - ok
19:39:22.0470 3680 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:39:22.0485 3680 ulsata2 - ok
19:39:22.0516 3680 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:39:22.0516 3680 umbus - ok
19:39:22.0626 3680 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:39:22.0626 3680 upnphost - ok
19:39:22.0704 3680 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
19:39:22.0704 3680 USBAAPL - ok
19:39:22.0782 3680 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:39:22.0782 3680 usbaudio - ok
19:39:22.0844 3680 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:39:22.0860 3680 usbccgp - ok
19:39:22.0891 3680 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:39:22.0891 3680 usbcir - ok
19:39:23.0156 3680 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:39:23.0156 3680 usbehci - ok
19:39:23.0234 3680 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:39:23.0250 3680 usbhub - ok
19:39:23.0312 3680 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:39:23.0328 3680 usbohci - ok
19:39:23.0406 3680 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:39:23.0406 3680 usbprint - ok
19:39:23.0484 3680 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:39:23.0484 3680 usbscan - ok
19:39:23.0515 3680 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:39:23.0515 3680 USBSTOR - ok
19:39:23.0562 3680 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:39:23.0562 3680 usbuhci - ok
19:39:23.0640 3680 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:39:23.0640 3680 usbvideo - ok
19:39:23.0686 3680 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
19:39:23.0686 3680 UxSms - ok
19:39:23.0780 3680 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
19:39:23.0796 3680 vds - ok
19:39:23.0889 3680 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:39:23.0889 3680 vga - ok
19:39:23.0936 3680 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:39:23.0936 3680 VgaSave - ok
19:39:23.0983 3680 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:39:23.0998 3680 viaagp - ok
19:39:24.0061 3680 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:39:24.0061 3680 ViaC7 - ok
19:39:24.0092 3680 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
19:39:24.0092 3680 viaide - ok
19:39:24.0108 3680 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:39:24.0123 3680 volmgr - ok
19:39:24.0170 3680 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:39:24.0170 3680 volmgrx - ok
19:39:24.0232 3680 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:39:24.0232 3680 volsnap - ok
19:39:24.0373 3680 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:39:24.0482 3680 vsmraid - ok
19:39:24.0560 3680 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
19:39:24.0607 3680 VSS - ok
19:39:24.0654 3680 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
19:39:24.0669 3680 W32Time - ok
19:39:24.0716 3680 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:39:24.0716 3680 WacomPen - ok
19:39:24.0778 3680 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:39:24.0794 3680 Wanarp - ok
19:39:24.0794 3680 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:39:24.0794 3680 Wanarpv6 - ok
19:39:24.0872 3680 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:39:24.0888 3680 wcncsvc - ok
19:39:24.0919 3680 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:39:24.0919 3680 WcsPlugInService - ok
19:39:24.0966 3680 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
19:39:24.0966 3680 Wd - ok
19:39:25.0028 3680 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:39:25.0044 3680 Wdf01000 - ok
19:39:25.0122 3680 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:39:25.0137 3680 WdiServiceHost - ok
19:39:25.0137 3680 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:39:25.0137 3680 WdiSystemHost - ok
19:39:25.0184 3680 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
19:39:25.0200 3680 WebClient - ok
19:39:25.0246 3680 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:39:25.0246 3680 Wecsvc - ok
19:39:25.0340 3680 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:39:25.0340 3680 wercplsupport - ok
19:39:25.0402 3680 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
19:39:25.0418 3680 WerSvc - ok
19:39:25.0512 3680 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:39:25.0527 3680 winachsf - ok
19:39:25.0699 3680 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:39:25.0699 3680 WinDefend - ok
19:39:25.0714 3680 WinHttpAutoProxySvc - ok
19:39:26.0011 3680 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:39:26.0026 3680 Winmgmt - ok
19:39:26.0167 3680 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
19:39:26.0245 3680 WinRM - ok
19:39:26.0307 3680 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:39:26.0338 3680 Wlansvc - ok
19:39:26.0557 3680 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:39:26.0682 3680 wlidsvc - ok
19:39:26.0775 3680 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:39:26.0775 3680 WmiAcpi - ok
19:39:26.0869 3680 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:39:26.0884 3680 wmiApSrv - ok
19:39:26.0962 3680 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:39:26.0994 3680 WMPNetworkSvc - ok
19:39:27.0103 3680 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:39:27.0103 3680 WPCSvc - ok
19:39:27.0181 3680 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:39:27.0181 3680 WPDBusEnum - ok
19:39:27.0243 3680 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:39:27.0274 3680 WpdUsb - ok
19:39:27.0384 3680 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:39:27.0415 3680 WPFFontCache_v0400 - ok
19:39:27.0462 3680 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:39:27.0462 3680 ws2ifsl - ok
19:39:27.0555 3680 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
19:39:27.0555 3680 wscsvc - ok
19:39:27.0571 3680 WSearch - ok
19:39:27.0664 3680 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:39:27.0727 3680 wuauserv - ok
19:39:27.0774 3680 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:39:27.0805 3680 WUDFRd - ok
19:39:27.0836 3680 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:39:27.0852 3680 wudfsvc - ok
19:39:27.0914 3680 [ 8098180B3F6C430A4E60333BC036F936 ] {95808DC4-FA4A-4c74-92FE-5B863F82066B} C:\Program Files\CyberLink\PowerDVD\000.fcl
19:39:27.0914 3680 {95808DC4-FA4A-4c74-92FE-5B863F82066B} - ok
19:39:27.0930 3680 ================ Scan global ===============================
19:39:27.0976 3680 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:39:28.0039 3680 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:39:28.0070 3680 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:39:28.0179 3680 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:39:28.0179 3680 [Global] - ok
19:39:28.0179 3680 ================ Scan MBR ==================================
19:39:28.0195 3680 [ 6FC6F9186C07BCA94E140F63BFE6E9B4 ] \Device\Harddisk0\DR0
19:39:36.0650 3680 \Device\Harddisk0\DR0 - ok
19:39:36.0650 3680 ================ Scan VBR ==================================
19:39:36.0744 3680 [ 0AD4C135DDD5C7C558F1B37433DD641F ] \Device\Harddisk0\DR0\Partition1
19:39:36.0744 3680 \Device\Harddisk0\DR0\Partition1 - ok
19:39:36.0759 3680 [ FF926C69483E203386D162924F39DCDB ] \Device\Harddisk0\DR0\Partition2
19:39:36.0775 3680 \Device\Harddisk0\DR0\Partition2 - ok
19:39:36.0775 3680 ============================================================
19:39:36.0775 3680 Scan finished
19:39:36.0775 3680 ============================================================
19:39:36.0790 5224 Detected object count: 0
19:39:36.0790 5224 Actual detected object count: 0
19:41:37.0768 4996 ============================================================
19:41:37.0768 4996 Scan started
19:41:37.0768 4996 Mode: Manual; TDLFS;
19:41:37.0768 4996 ============================================================
19:41:38.0017 4996 ================ Scan system memory ========================
19:41:38.0017 4996 System memory - ok
19:41:38.0017 4996 ================ Scan services =============================
19:41:51.0669 4996 Ntfs - ok
19:41:51.0685 4996 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
19:41:51.0685 4996 NTIDrvr - ok
19:41:51.0716 4996 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:41:51.0716 4996 ntrigdigi - ok
19:41:51.0763 4996 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
19:41:51.0763 4996 Null - ok
19:41:51.0779 4996 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:41:51.0794 4996 nvraid - ok
19:41:51.0810 4996 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:41:51.0810 4996 nvstor - ok
19:41:51.0841 4996 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:41:51.0841 4996 nv_agp - ok
19:41:51.0841 4996 NwlnkFlt - ok
19:41:51.0857 4996 NwlnkFwd - ok
19:41:51.0903 4996 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:41:51.0903 4996 ohci1394 - ok
19:41:51.0966 4996 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:41:51.0966 4996 ose - ok
19:41:52.0153 4996 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:41:52.0200 4996 osppsvc - ok
19:41:52.0262 4996 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:41:52.0262 4996 p2pimsvc - ok
19:41:52.0293 4996 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
19:41:52.0309 4996 p2psvc - ok
19:41:52.0340 4996 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:41:52.0340 4996 Parport - ok
19:41:52.0356 4996 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:41:52.0371 4996 partmgr - ok
19:41:52.0387 4996 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:41:52.0387 4996 Parvdm - ok
19:41:52.0434 4996 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
19:41:52.0434 4996 PcaSvc - ok
19:41:52.0496 4996 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
19:41:52.0496 4996 pci - ok
19:41:52.0527 4996 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
19:41:52.0527 4996 pciide - ok
19:41:52.0543 4996 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:41:52.0543 4996 pcmcia - ok
19:41:52.0605 4996 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:41:52.0605 4996 PEAUTH - ok
19:41:52.0715 4996 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
19:41:52.0730 4996 pla - ok
19:41:52.0777 4996 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:41:52.0777 4996 PlugPlay - ok
19:41:52.0824 4996 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:41:52.0824 4996 PNRPAutoReg - ok
19:41:52.0871 4996 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:41:52.0871 4996 PNRPsvc - ok
19:41:52.0902 4996 [ 858D5D8DBE432B358CA2F9D534169CA1 ] Point32 C:\Windows\system32\DRIVERS\point32k.sys
19:41:52.0902 4996 Point32 - ok
19:41:52.0949 4996 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:41:52.0964 4996 PolicyAgent - ok
19:41:53.0011 4996 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:41:53.0011 4996 PptpMiniport - ok
19:41:53.0042 4996 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
19:41:53.0042 4996 Processor - ok
19:41:53.0089 4996 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
19:41:53.0089 4996 ProfSvc - ok
19:41:53.0105 4996 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:41:53.0105 4996 ProtectedStorage - ok
19:41:53.0151 4996 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:41:53.0151 4996 PSched - ok
19:41:53.0198 4996 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
19:41:53.0198 4996 PxHelp20 - ok
19:41:53.0245 4996 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:41:53.0261 4996 ql2300 - ok
19:41:53.0307 4996 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:41:53.0307 4996 ql40xx - ok
19:41:53.0339 4996 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:41:53.0354 4996 QWAVE - ok
19:41:53.0401 4996 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:41:53.0401 4996 QWAVEdrv - ok
19:41:53.0448 4996 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:41:53.0448 4996 RasAcd - ok
19:41:53.0495 4996 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:41:53.0495 4996 RasAuto - ok
19:41:53.0541 4996 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:41:53.0541 4996 Rasl2tp - ok
19:41:53.0588 4996 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
19:41:53.0604 4996 RasMan - ok
19:41:53.0635 4996 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:41:53.0651 4996 RasPppoe - ok
19:41:53.0697 4996 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:41:53.0697 4996 RasSstp - ok
19:41:53.0760 4996 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:41:53.0760 4996 rdbss - ok
19:41:53.0807 4996 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:41:53.0807 4996 RDPCDD - ok
19:41:53.0853 4996 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:41:53.0869 4996 rdpdr - ok
19:41:53.0885 4996 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:41:53.0885 4996 RDPENCDD - ok
19:41:53.0947 4996 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:41:53.0947 4996 RDPWD - ok
19:41:53.0978 4996 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:41:53.0994 4996 RemoteAccess - ok
19:41:54.0025 4996 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:41:54.0041 4996 RemoteRegistry - ok
19:41:54.0087 4996 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:41:54.0087 4996 RFCOMM - ok
19:41:54.0150 4996 [ 2DE0A33A7E58BEDC8D70B1940E0FFE28 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
19:41:54.0150 4996 RichVideo - ok
19:41:54.0181 4996 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:41:54.0197 4996 RpcLocator - ok
19:41:54.0243 4996 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
19:41:54.0259 4996 RpcSs - ok
19:41:54.0321 4996 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:41:54.0321 4996 rspndr - ok
19:41:54.0353 4996 [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
19:41:54.0353 4996 RTL8169 - ok
19:41:54.0384 4996 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
19:41:54.0384 4996 SamSs - ok
19:41:54.0415 4996 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:41:54.0415 4996 sbp2port - ok
19:41:54.0462 4996 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:41:54.0462 4996 SCardSvr - ok
19:41:54.0524 4996 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
19:41:54.0540 4996 Schedule - ok
19:41:54.0587 4996 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:41:54.0587 4996 SCPolicySvc - ok
19:41:54.0649 4996 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:41:54.0649 4996 sdbus - ok
19:41:54.0680 4996 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:41:54.0680 4996 SDRSVC - ok
19:41:54.0711 4996 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:41:54.0711 4996 secdrv - ok
19:41:54.0758 4996 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
19:41:54.0774 4996 seclogon - ok
19:41:54.0789 4996 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
19:41:54.0789 4996 SENS - ok
19:41:54.0821 4996 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:41:54.0821 4996 Serenum - ok
19:41:54.0852 4996 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:41:54.0852 4996 Serial - ok
19:41:54.0883 4996 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:41:54.0883 4996 sermouse - ok
19:41:54.0945 4996 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:41:54.0945 4996 SessionEnv - ok
19:41:54.0977 4996 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
19:41:54.0977 4996 sffdisk - ok
19:41:54.0992 4996 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:41:54.0992 4996 sffp_mmc - ok
19:41:55.0039 4996 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
19:41:55.0039 4996 sffp_sd - ok
19:41:55.0070 4996 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:41:55.0070 4996 sfloppy - ok
19:41:55.0117 4996 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:41:55.0133 4996 SharedAccess - ok
19:41:55.0164 4996 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:41:55.0179 4996 ShellHWDetection - ok
19:41:55.0211 4996 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:41:55.0226 4996 sisagp - ok
19:41:55.0242 4996 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:41:55.0242 4996 SiSRaid2 - ok
19:41:55.0273 4996 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:41:55.0273 4996 SiSRaid4 - ok
19:41:55.0335 4996 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:41:55.0335 4996 SkypeUpdate - ok
19:41:55.0476 4996 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
19:41:55.0523 4996 slsvc - ok
19:41:55.0554 4996 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:41:55.0569 4996 SLUINotify - ok
19:41:55.0601 4996 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:41:55.0601 4996 Smb - ok
19:41:55.0647 4996 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:41:55.0663 4996 SNMPTRAP - ok
19:41:55.0725 4996 [ 53D1E2ECBF26B313FFDD2B8BA3D2F66E ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
19:41:55.0741 4996 SNP2UVC - ok
19:41:55.0803 4996 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:41:55.0803 4996 spldr - ok
19:41:55.0850 4996 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
19:41:55.0850 4996 Spooler - ok
19:41:56.0022 4996 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\Windows\system32\drivers\N360\1402010.016\SRTSP.SYS
19:41:56.0022 4996 SRTSP - ok
19:41:56.0053 4996 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\Windows\system32\drivers\N360\1402010.016\SRTSPX.SYS
19:41:56.0053 4996 SRTSPX - ok
19:41:56.0115 4996 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:41:56.0115 4996 srv - ok
19:41:56.0178 4996 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:41:56.0178 4996 srv2 - ok
19:41:56.0225 4996 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:41:56.0225 4996 srvnet - ok
19:41:56.0271 4996 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:41:56.0287 4996 SSDPSRV - ok
19:41:56.0334 4996 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:41:56.0349 4996 SstpSvc - ok
19:41:56.0396 4996 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
19:41:56.0412 4996 stisvc - ok
19:41:56.0427 4996 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:41:56.0443 4996 swenum - ok
19:41:56.0490 4996 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
19:41:56.0505 4996 swprv - ok
19:41:56.0552 4996 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:41:56.0552 4996 Symc8xx - ok
19:41:56.0661 4996 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\Windows\system32\drivers\N360\1402010.016\SYMDS.SYS
19:41:56.0661 4996 SymDS - ok
19:41:56.0911 4996 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\Windows\system32\drivers\N360\1402010.016\SYMEFA.SYS
19:41:56.0911 4996 SymEFA - ok
19:41:56.0989 4996 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
19:41:56.0989 4996 SymEvent - ok
19:41:57.0020 4996 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\Windows\system32\drivers\N360\1402010.016\Ironx86.SYS
19:41:57.0020 4996 SymIRON - ok
19:41:57.0114 4996 [ 93DE018EC6FBAA9A58FF9F2EB9198092 ] SYMTDIv C:\Windows\system32\drivers\N360\1402010.016\SYMTDIV.SYS
19:41:57.0129 4996 SYMTDIv - ok
19:41:57.0176 4996 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:41:57.0176 4996 Sym_hi - ok
19:41:57.0192 4996 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:41:57.0192 4996 Sym_u3 - ok
19:41:57.0223 4996 [ F7A4250BB3E3AFCD4AF100E551509352 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:41:57.0239 4996 SynTP - ok
19:41:57.0285 4996 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
19:41:57.0301 4996 SysMain - ok
19:41:57.0332 4996 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:41:57.0348 4996 TabletInputService - ok
19:41:57.0395 4996 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:41:57.0410 4996 TapiSrv - ok
19:41:57.0441 4996 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:41:57.0441 4996 TBS - ok
19:41:57.0504 4996 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:41:57.0519 4996 Tcpip - ok
19:41:57.0566 4996 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:41:57.0566 4996 Tcpip6 - ok
19:41:57.0644 4996 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:41:57.0644 4996 tcpipreg - ok
19:41:57.0691 4996 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:41:57.0691 4996 TDPIPE - ok
19:41:57.0738 4996 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:41:57.0738 4996 TDTCP - ok
19:41:57.0785 4996 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:41:57.0785 4996 tdx - ok
19:41:57.0831 4996 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:41:57.0831 4996 TermDD - ok
19:41:57.0863 4996 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
19:41:57.0863 4996 TermService - ok
19:41:57.0894 4996 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
19:41:57.0894 4996 Themes - ok
19:41:57.0909 4996 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:41:57.0925 4996 THREADORDER - ok
19:41:57.0956 4996 [ 78213F01CE781F93180BEF5EB5B3AD81 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
19:41:57.0956 4996 tifm21 - ok
19:41:58.0019 4996 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:41:58.0019 4996 TrkWks - ok
19:41:58.0081 4996 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:41:58.0081 4996 TrustedInstaller - ok
19:41:58.0097 4996 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:41:58.0097 4996 tssecsrv - ok
19:41:58.0143 4996 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:41:58.0143 4996 tunmp - ok
19:41:58.0175 4996 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:41:58.0175 4996 tunnel - ok
19:41:58.0221 4996 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:41:58.0221 4996 uagp35 - ok
19:41:58.0268 4996 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:41:58.0268 4996 udfs - ok
19:41:58.0331 4996 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:41:58.0331 4996 UI0Detect - ok
19:41:58.0362 4996 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:41:58.0362 4996 uliagpkx - ok
19:41:58.0393 4996 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:41:58.0393 4996 uliahci - ok
19:41:58.0424 4996 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:41:58.0424 4996 UlSata - ok
19:41:58.0440 4996 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:41:58.0440 4996 ulsata2 - ok
19:41:58.0487 4996 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:41:58.0487 4996 umbus - ok
19:41:58.0549 4996 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:41:58.0549 4996 upnphost - ok
19:41:58.0580 4996 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
19:41:58.0580 4996 USBAAPL - ok
19:41:58.0627 4996 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:41:58.0627 4996 usbaudio - ok
19:41:58.0658 4996 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:41:58.0658 4996 usbccgp - ok
19:41:58.0674 4996 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:41:58.0689 4996 usbcir - ok
19:41:58.0721 4996 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:41:58.0721 4996 usbehci - ok
19:41:58.0767 4996 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:41:58.0767 4996 usbhub - ok
19:41:58.0814 4996 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:41:58.0814 4996 usbohci - ok
19:41:58.0845 4996 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:41:58.0845 4996 usbprint - ok
19:41:58.0877 4996 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:41:58.0877 4996 usbscan - ok
19:41:58.0908 4996 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:41:58.0908 4996 USBSTOR - ok
19:41:58.0955 4996 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:41:58.0955 4996 usbuhci - ok
19:41:59.0001 4996 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:41:59.0001 4996 usbvideo - ok
19:41:59.0033 4996 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
19:41:59.0033 4996 UxSms - ok
19:41:59.0095 4996 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
19:41:59.0111 4996 vds - ok
19:41:59.0126 4996 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:41:59.0126 4996 vga - ok
19:41:59.0173 4996 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:41:59.0173 4996 VgaSave - ok
19:41:59.0204 4996 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:41:59.0204 4996 viaagp - ok
19:41:59.0235 4996 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:41:59.0235 4996 ViaC7 - ok
19:41:59.0251 4996 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
19:41:59.0251 4996 viaide - ok
19:41:59.0282 4996 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:41:59.0282 4996 volmgr - ok
19:41:59.0329 4996 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:41:59.0329 4996 volmgrx - ok
19:41:59.0391 4996 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:41:59.0391 4996 volsnap - ok
19:41:59.0423 4996 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:41:59.0423 4996 vsmraid - ok
19:41:59.0485 4996 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
19:41:59.0501 4996 VSS - ok
19:41:59.0532 4996 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
19:41:59.0532 4996 W32Time - ok
19:41:59.0563 4996 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:41:59.0563 4996 WacomPen - ok
19:41:59.0594 4996 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:41:59.0594 4996 Wanarp - ok
19:41:59.0610 4996 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:41:59.0610 4996 Wanarpv6 - ok
19:41:59.0657 4996 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:41:59.0672 4996 wcncsvc - ok
19:41:59.0703 4996 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:41:59.0703 4996 WcsPlugInService - ok
19:41:59.0735 4996 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
19:41:59.0735 4996 Wd - ok
19:41:59.0797 4996 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:41:59.0797 4996 Wdf01000 - ok
19:41:59.0844 4996 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:41:59.0844 4996 WdiServiceHost - ok
19:41:59.0859 4996 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:41:59.0859 4996 WdiSystemHost - ok
19:41:59.0922 4996 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
19:41:59.0922 4996 WebClient - ok
19:41:59.0969 4996 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:41:59.0969 4996 Wecsvc - ok
19:42:00.0015 4996 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:42:00.0031 4996 wercplsupport - ok
19:42:00.0078 4996 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
19:42:00.0093 4996 WerSvc - ok
19:42:00.0125 4996 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:42:00.0140 4996 winachsf - ok
19:42:00.0218 4996 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:42:00.0218 4996 WinDefend - ok
19:42:00.0234 4996 WinHttpAutoProxySvc - ok
19:42:00.0312 4996 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:42:00.0327 4996 Winmgmt - ok
19:42:00.0405 4996 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
19:42:00.0421 4996 WinRM - ok
19:42:00.0483 4996 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:42:00.0499 4996 Wlansvc - ok
19:42:00.0624 4996 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:42:00.0639 4996 wlidsvc - ok
19:42:00.0702 4996 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:42:00.0702 4996 WmiAcpi - ok
19:42:00.0749 4996 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:42:00.0749 4996 wmiApSrv - ok
19:42:00.0827 4996 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:42:00.0827 4996 WMPNetworkSvc - ok
19:42:00.0873 4996 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:42:00.0889 4996 WPCSvc - ok
19:42:00.0936 4996 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:42:00.0936 4996 WPDBusEnum - ok
19:42:00.0951 4996 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:42:00.0967 4996 WpdUsb - ok
19:42:01.0029 4996 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:42:01.0045 4996 WPFFontCache_v0400 - ok
19:42:01.0061 4996 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:42:01.0061 4996 ws2ifsl - ok
19:42:01.0107 4996 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
19:42:01.0107 4996 wscsvc - ok
19:42:01.0107 4996 WSearch - ok
19:42:01.0201 4996 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:42:01.0232 4996 wuauserv - ok
19:42:01.0263 4996 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:42:01.0263 4996 WUDFRd - ok
19:42:01.0310 4996 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:42:01.0310 4996 wudfsvc - ok
19:42:01.0373 4996 [ 8098180B3F6C430A4E60333BC036F936 ] {95808DC4-FA4A-4c74-92FE-5B863F82066B} C:\Program Files\CyberLink\PowerDVD\000.fcl
19:42:01.0373 4996 {95808DC4-FA4A-4c74-92FE-5B863F82066B} - ok
19:42:01.0373 4996 ================ Scan global ===============================
19:42:01.0419 4996 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:42:01.0451 4996 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:42:01.0482 4996 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:42:01.0529 4996 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:42:01.0529 4996 [Global] - ok
19:42:01.0529 4996 ================ Scan MBR ==================================
19:42:01.0544 4996 [ 6FC6F9186C07BCA94E140F63BFE6E9B4 ] \Device\Harddisk0\DR0
19:42:05.0118 4996 \Device\Harddisk0\DR0 - ok
19:42:05.0118 4996 ================ Scan VBR ==================================
19:42:05.0118 4996 [ 0AD4C135DDD5C7C558F1B37433DD641F ] \Device\Harddisk0\DR0\Partition1
19:42:05.0118 4996 \Device\Harddisk0\DR0\Partition1 - ok
19:42:05.0149 4996 [ FF926C69483E203386D162924F39DCDB ] \Device\Harddisk0\DR0\Partition2
19:42:05.0164 4996 \Device\Harddisk0\DR0\Partition2 - ok
19:42:05.0164 4996 ============================================================
19:42:05.0164 4996 Scan finished
19:42:05.0164 4996 ============================================================
19:42:05.0180 4100 Detected object count: 0
19:42:05.0180 4100 Actual detected object count: 0

#6 Helpmefixthisplease


Posted 29 January 2013 - 09:04 PM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-29 20:35:40
-----------------------------
20:35:40.972 OS Version: Windows 6.0.6002 Service Pack 2
20:35:40.972 Number of processors: 2 586 0xF0D
20:35:40.972 ComputerName: HANDBASKET UserName: No
20:36:49.206 Initialize success
20:37:19.579 AVAST engine defs: 13012903
20:37:47.581 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
20:37:47.581 Disk 0 Vendor: WDC_WD16 04.0 Size: 152627MB BusType: 3
20:37:47.613 Disk 0 MBR read successfully
20:37:47.613 Disk 0 MBR scan
20:37:47.613 Disk 0 unknown MBR code
20:37:47.644 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 10000 MB offset 2048
20:37:47.675 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71317 MB offset 20482048
20:37:47.691 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 71308 MB offset 166539264
20:37:47.722 Disk 0 scanning sectors +312578048
20:37:47.815 Disk 0 scanning C:\Windows\system32\drivers
20:38:02.526 Service scanning
20:38:38.547 Modules scanning
20:38:48.780 Disk 0 trace - called modules:
20:38:48.811 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
20:38:48.827 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c73a70]
20:38:48.827 3 CLASSPNP.SYS[8899d8b3] -> nt!IofCallDriver -> [0x848718c8]
20:38:48.843 5 acpi.sys[8809a6bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85209030]
20:38:49.420 AVAST engine scan C:\Windows
20:38:54.474 AVAST engine scan C:\Windows\system32
20:45:25.223 AVAST engine scan C:\Windows\system32\drivers
20:45:53.381 AVAST engine scan C:\Users\No
20:47:28.697 AVAST engine scan C:\ProgramData
20:53:12.381 File: C:\ProgramData\ms01ED0DDF.dat **INFECTED** Win32:Rootkit-gen [Rtk]
20:55:50.970 Scan finished successfully
20:59:22.491 Disk 0 MBR has been saved successfully to "C:\Users\No\Desktop\MBR.dat"
20:59:22.569 The log file has been saved successfully to "C:\Users\No\Desktop\aswMBR.txt"



#7 Helpmefixthisplease

Posted 30 January 2013 - 04:18 AM

C:\ProgramData\ms01ED0DDF.dat a variant of Win32/Kryptik.ATBL trojan cleaned by deleting - quarantined
C:\Users\Heidi\AppData\Local\yhycu_eytig.exe a variant of Win32/Injector.ABYR trojan cleaned by deleting - quarantined
C:\Users\Heidi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\40b2ca31-62447150 a variant of Win32/Injector.ABYR trojan cleaned by deleting - quarantined
C:\Users\Heidi\AppData\Roaming\Aqek\movoo.exe a variant of Win32/Injector.ABYR trojan cleaned by deleting - quarantined
C:\Users\Heidi\AppData\Roaming\Ipti\reozh.exe a variant of Win32/Injector.ABYR trojan cleaned by deleting - quarantined
C:\Users\Heidi\AppData\Roaming\Xeacfu\ivpu.exe a variant of Win32/Injector.ABYR trojan cleaned by deleting - quarantined
C:\Users\Heidi\AppData\Roaming\skype.dat a variant of Win32/Injector.ABYX trojan cleaned by deleting - quarantined

#8 Helpmefixthisplease

Posted 30 January 2013 - 04:21 AM

OK, All steps completed. I'll wait to hear back thanks.

#9 narenxp

Posted 30 January 2013 - 06:53 AM

You should be able to boot into the infected user account now. Please run the scans from there.

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after the scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator

After the scan completes, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#10 Helpmefixthisplease

Posted 31 January 2013 - 07:34 AM

I ran Malwarebytes late last night and deleted everything found. I thought I copied the logs but now I can't find them. I'm going to proceed to the next step.

#11 narenxp

Posted 31 January 2013 - 07:36 AM

Ok :thumbup2:

#12 Helpmefixthisplease

Posted 31 January 2013 - 07:41 AM

MiniToolBox by Farbar Version:10-01-2013
Ran by Heidi (ATTENTION: The logged in user is not administrator) on 31-01-2013 at 07:38:43
Running from "C:\Users\Heidi\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
The requested operation requires elevation.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 802.11g Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Handbasket
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
Physical Address. . . . . . . . . : 00-1E-4C-00-A0-F5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e066:62ec:ae15:1391%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.11(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, January 31, 2013 6:56:44 AM
Lease Expires . . . . . . . . . . : Friday, February 01, 2013 6:56:43 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 251665996
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-B2-B6-EE-00-1D-72-05-4C-BA
DNS Servers . . . . . . . . . . . : 204.186.80.251
216.144.187.101
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-1D-72-05-4C-BA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{2AAC2DB4-E284-40D7-91B8-6289FE7E9340}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{DC7BE551-952A-49DA-9E5C-F8ECB1B4A114}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 204.186.80.251

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2607:f8b0:4004:802::1001
74.125.228.69
74.125.228.70
74.125.228.71
74.125.228.72
74.125.228.73
74.125.228.78
74.125.228.64
74.125.228.65
74.125.228.66
74.125.228.67
74.125.228.68



Pinging google.com [74.125.228.69] with 32 bytes of data:

Reply from 74.125.228.69: bytes=32 time=23ms TTL=58

Reply from 74.125.228.69: bytes=32 time=25ms TTL=58



Ping statistics for 74.125.228.69:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 23ms, Maximum = 25ms, Average = 24ms

Server: dns.str.ptd.net
Address: 204.186.80.251

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=96ms TTL=54

Reply from 206.190.36.45: bytes=32 time=121ms TTL=54



Ping statistics for 206.190.36.45:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 96ms, Maximum = 121ms, Average = 108ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=20ms TTL=128

Reply from 127.0.0.1: bytes=32 time=5ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 5ms, Maximum = 20ms, Average = 12ms

===========================================================================
Interface List
10 ...00 1e 4c 00 a0 f5 ...... Broadcom 802.11g Network Adapter
9 ...00 1d 72 05 4c ba ...... Broadcom NetLink ™ Gigabit Ethernet
1 ........................... Software Loopback Interface 1
17 ...00 00 00 00 00 00 00 e0 isatap.{2AAC2DB4-E284-40D7-91B8-6289FE7E9340}
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
18 ...00 00 00 00 00 00 00 e0 isatap.{DC7BE551-952A-49DA-9E5C-F8ECB1B4A114}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.11 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.11 281
192.168.1.11 255.255.255.255 On-link 192.168.1.11 281
192.168.1.255 255.255.255.255 On-link 192.168.1.11 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.11 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.11 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 281 fe80::/64 On-link
10 281 fe80::e066:62ec:ae15:1391/128
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\READ ME.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\READ ME.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\ONLINE REGISTRATION.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\ONLINE REGISTRATION.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/30/2013 08:09:01 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/30/2013 08:09:01 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (01/31/2013 07:00:16 AM) (Source: Service Control Manager) (User: )
Description: iPod Service%%1053

Error: (01/31/2013 07:00:16 AM) (Source: Service Control Manager) (User: )
Description: 30000iPod Service

Error: (01/31/2013 07:00:16 AM) (Source: DCOM) (User: )
Description: 1053iPod Service{063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (01/31/2013 06:57:14 AM) (Source: Service Control Manager) (User: )
Description: MCSTRM%%2

Error: (01/31/2013 06:57:14 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (01/31/2013 00:06:09 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (01/30/2013 08:04:39 PM) (Source: Service Control Manager) (User: )
Description: MCSTRM%%2

Error: (01/30/2013 08:04:39 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (01/29/2013 08:34:38 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/29/2013 08:34:37 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


Microsoft Office Sessions:
=========================
Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\UNINSTALL POWERDVD.LNK

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\UNINSTALL POWERDVD.LNK

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\READ ME.LNK

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\READ ME.LNK

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\ONLINE REGISTRATION.LNK

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\ONLINE REGISTRATION.LNK

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\POWERDVD HELP FILE.LNK

Error: (01/30/2013 08:09:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\POWERDVD HELP FILE.LNK

Error: (01/30/2013 08:09:01 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\CYBERLINK POWERDVD.LNK

Error: (01/30/2013 08:09:01 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\NO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\CYBERLINK POWERDVD.LNK


CodeIntegrity Errors:
===================================
Date: 2013-01-30 23:23:10.364
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 23:23:09.770
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 23:23:09.097
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 23:23:08.521
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 23:23:07.946
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 23:23:07.308
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 22:54:22.453
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 22:54:21.835
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 22:54:21.139
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2013-01-30 22:54:20.573
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

A Gnome's Home: The Great Crystal Crusade
ABBYY FineReader 6.0 Sprint (Version: 6.00.2201.41622)
Acer Assist
Acer Crystal Eye webcam (Version: 1.0.11)
Acer Crystal Eye webcam (Version: 5.7.28.500-1.0)
Acer GridVista (Version: 2.68.622)
Acer Mobility Center Plug-In (Version: 1.0.3003)
Acer Registration
Acer ScreenSaver (Version: 3.11.20070515)
Acrobat.com (Version: 1.6.65)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 1.5.2.8870)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Photoshop Elements 7.0 (Version: 7.0)
Adobe Photoshop Elements 7.0 (Version: 7.0.0.3)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Agere Systems HDA Modem
Amazon MP3 Downloader 1.0.10
Ancient Secrets
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaConverter 2
Aveyond: The Lost Orb
Big Fish Games Sudoku (remove only)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bing Bar (Version: 7.1.391.0)
Bistro Boulevard
Bonjour (Version: 3.0.0.10)
Boutique Boulevard
Broadcom Gigabit Integrated Controller (Version: 10.15.10)
Burger Bustle: Ellie's Organics
Chicken Invaders 3: Revenge of the Yolk Easter Edition
Coupon Printer for Windows (Version: 4.0)
Creative System Information
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dig Dug
DivX Setup (Version: 2.6.1.8)
EBSCO Publishing Download Manager (Version: 1.0.0)
ESET Online Scanner v3
Farm Mania: Hot Vacation
Fate of the Pharaoh
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
File Type Assistant
Free File Viewer 2011
GameHouse
Gemsweeper
Google Chrome (Version: 24.0.1312.56)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Grave Mania: Undead Fever
Happy Chef
Haunted Manor: Lord of Mirrors
Hidden World
Inspector Parker
InstallIQ Updater (Version: 1.4.3.0)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Internet Explorer (Enable DEP)
Island Tribe 2
Island Tribe 3
iTunes (Version: 11.0.0.163)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 23 (Version: 6.0.230)
JavaFX 2.1.1 (Version: 2.1.1)
Jo's Dream: Organic Coffee
Juliette's Fashion Empire
Junk Mail filter update (Version: 14.0.8117.416)
Katy and Bob: Way Back Home
Kingdom Chronicles
Kingdom Chronicles Collector's Edition
Kobo (Version: 2.1.7)
Launch Manager
Lexmark Pro200-S500 Series
Lexmark Toolbar (Version: 4.3.37.0)
Lexmark X5400 Series
LightScribe 1.4.142.1 (Version: 1.4.142.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
Millennium 2: Take Me Higher
Millennium: A New Hope
Move Networks Media Player for Internet Explorer
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Kingdom for the Princess II
MyFreeCodec
Mystery Case Files ®: Dire Grove
Nightmare Adventures: The Witch's Prison
Nikakudori
Northern Tale
Northern Tale (Version: 3.0.2.32)
Norton 360 (Version: 20.2.1.22)
NTI Backup NOW! 4.7 (Version: 4)
NTI CD & DVD-Maker (Version: 7)
NTI Shadow (Version: 3.7.6.31)
NVIDIA PhysX v8.10.29 (Version: 8.10.29)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OneClickdigital Media Manager (Version: 61.0.0.0)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
Pac-Man
Pathstorm
Plant Tycoon (remove only)
PowerDVD (Version: 7.32.2811h.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5423)
Rescue Frenzy
Rescue Team
Rescue Team 2
Roads of Rome II
Roads of Rome III
Royal Envoy 2 Collector's Edition
Sansa Updater (Version: 1.304)
Seagate Manager Installer (Version: 2.01.0700)
Sheep's Quest
Shop-n-Spree: Shopping Paradise
Skype Click to Call (Version: 5.10.9560)
Skype 5.10 (Version: 5.10.116)
Slingo Quest (remove only)
Slingo Supreme
Spa Mania
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spirit Soup: The Queensbury Curse
SpongeBob SquarePants Krabby Quest
Spooky Mall
Spotify (Version: 0.8.5.1333.g822e0de8)
Stone Age Cafe
Super Yum Yum Puzzle Adventures
Supermarket Mania ® 2
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 9.0.3.0)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0002)
The Promised Land
TIPCI (Version: 2.00.0001)
TIPCI (Version: 2.00.0002)
Toolbar - Big Fish Games (Version: 2.1.0.13)
Trinklit Supreme
TV Farm
Unity Web Player (Version: 2.6.0f7_29850)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Virtual City
Virtual Villagers: New Believers
WIDCOMM Bluetooth Software 6.0.1.5500 (Version: 6.0.1.5500)
WildTangent Games (Version: 1.0.4.0)
WildTangent Games App (Version: 4.0.10.5)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
World Mosaics 4
World Mosaics 5
World of Zellians: Kingdom Builder
World Riddles: Secrets of the Ages
World Riddles: Seven Wonders
Yahoo! Browser Services
Yahoo! BrowserPlus 2.9.8
Yahoo! uC

========================= Memory info: ===================================

Percentage of memory in use: 68%
Total physical RAM: 2037.68 MB
Available physical RAM: 635.14 MB
Total Pagefile: 4314.63 MB
Available Pagefile: 2619.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.88 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:69.65 GB) (Free:1.27 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:69.64 GB) (Free:69.42 GB) NTFS

========================= Users: ========================================

User accounts for \\HANDBASKET

Administrator Guest Heidi
Kevin Logan No

========================= Restore Points ==================================


**** End of log ****

#13 Helpmefixthisplease

Helpmefixthisplease
  • Topic Starter

  • Members
  • 16 posts

Posted 31 January 2013 - 07:45 AM

Farbar Service Scanner Version: 30-01-2013
Ran by Heidi (ATTENTION: The logged in user is not administrator) on 31-01-2013 at 07:44:25
Running from "C:\Users\Heidi\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: ATTENTION!=====> Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#14 Helpmefixthisplease

Helpmefixthisplease
  • Topic Starter

  • Members
  • 16 posts

Posted 31 January 2013 - 10:33 AM

Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.7 (01.30.2013:4)
OS: Windows Vista ™ Home Premium x86
Ran by Heidi on Thu 01/31/2013 at 10:24:44.37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{c7c9fc25-88b0-4682-9c9f-2608e9117647}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-4225912411-2044575488-2049014104-1000\software\microsoft\internet explorer\searchscopes\\DefaultScope



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\cr_installer
Successfully deleted: [Registry Key] hkey_current_user\software\mediaholdings
Successfully deleted: [Registry Key] hkey_current_user\software\playmp3
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{c7c9fc25-88b0-4682-9c9f-2608e9117647}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{c7c9fc25-88b0-4682-9c9f-2608e9117647}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\w3i"
Successfully deleted: [Folder] "C:\Users\Heidi\AppData\Roaming\bfgbartb"
Failed to delete: [Folder] "C:\Users\Heidi\appdata\local\tempdir"
Successfully deleted: [Folder] "C:\Users\Heidi\appdata\locallow\bfgbartb"
Successfully deleted: [Folder] "C:\Program Files\bfgbartb"
Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Program Files\w3i"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/31/2013 at 10:30:09.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#15 Helpmefixthisplease

Helpmefixthisplease
  • Topic Starter

  • Members
  • 16 posts

Posted 31 January 2013 - 10:38 AM

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/31/2013 10:35:15 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 01/31/2013 10:37:13 AM
Execution time: 0 hours(s), 1 minute(s), and 58 seconds(s)



