Windows Vista laptop -- Symantec reports trojans constantly


16 replies to this topic

#1 psychoguy2009


Posted 10 March 2013 - 04:02 PM

I am running Windows Vista Home Premium Service Pack 2 on an HP Pavilion dv6000 laptop with a 1.6 GHz dual-core Intel processor. I am currently running Symantec Endpoint Protection, which reports removing trojans constantly. The laptop then slows to a crawl and freezes.




 


#2 boopme


Posted 10 March 2013 - 08:03 PM

Hello and welcome.  Please run these also and see how it is after.

 

Please Download TDSSkiller
Launch it.
Click on change parameters - Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)
 
Do not change the default options on scan results.



Please download , save it to your desktop and run it. Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 

 

>>>

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.



#3 psychoguy2009


Posted 11 March 2013 - 01:25 PM

Thank you for your help!  The ESET took many hours to complete.  It was 45% done after 8 hours when I left for work this morning.

 

Here is the TDSSkiller log:

 

20:37:24.0952 4128  MpsSvc - ok
20:37:24.0983 4128  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:37:25.0014 4128  Mraid35x - ok
20:37:25.0108 4128  [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50         C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
20:37:25.0123 4128  MREMP50 - ok
20:37:25.0123 4128  MREMPR5 - ok
20:37:25.0139 4128  MRENDIS5 - ok
20:37:25.0170 4128  [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
20:37:25.0186 4128  MRESP50 - ok
20:37:25.0217 4128  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:37:25.0233 4128  MRxDAV - ok
20:37:25.0264 4128  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:37:25.0264 4128  mrxsmb - ok
20:37:25.0311 4128  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:37:25.0311 4128  mrxsmb10 - ok
20:37:25.0326 4128  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:37:25.0326 4128  mrxsmb20 - ok
20:37:25.0389 4128  [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:37:25.0389 4128  msahci - ok
20:37:25.0404 4128  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:37:25.0435 4128  msdsm - ok
20:37:25.0467 4128  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
20:37:25.0498 4128  MSDTC - ok
20:37:25.0529 4128  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:37:25.0529 4128  Msfs - ok
20:37:25.0576 4128  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:37:25.0576 4128  msisadrv - ok
20:37:25.0638 4128  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:37:25.0654 4128  MSiSCSI - ok
20:37:25.0669 4128  msiserver - ok
20:37:25.0701 4128  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:37:25.0716 4128  MSKSSRV - ok
20:37:25.0779 4128  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:37:25.0779 4128  MsMpSvc - ok
20:37:25.0794 4128  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:37:25.0810 4128  MSPCLOCK - ok
20:37:25.0825 4128  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:37:25.0841 4128  MSPQM - ok
20:37:25.0872 4128  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:37:25.0872 4128  MsRPC - ok
20:37:25.0903 4128  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:37:25.0903 4128  mssmbios - ok
20:37:25.0919 4128  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:37:25.0935 4128  MSTEE - ok
20:37:25.0950 4128  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
20:37:25.0950 4128  Mup - ok
20:37:25.0981 4128  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
20:37:25.0997 4128  napagent - ok
20:37:26.0044 4128  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:37:26.0044 4128  NativeWifiP - ok
20:37:26.0106 4128  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG          C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20130309.003\NAVENG.SYS
20:37:26.0153 4128  NAVENG - ok
20:37:26.0215 4128  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15         C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20130309.003\NAVEX15.SYS
20:37:26.0293 4128  NAVEX15 - ok
20:37:26.0340 4128  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:37:26.0340 4128  NDIS - ok
20:37:26.0387 4128  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:37:26.0387 4128  NdisTapi - ok
20:37:26.0403 4128  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:37:26.0418 4128  Ndisuio - ok
20:37:26.0434 4128  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:37:26.0434 4128  NdisWan - ok
20:37:26.0481 4128  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:37:26.0481 4128  NDProxy - ok
20:37:26.0481 4128  ndtrpqus - ok
20:37:27.0651 4128  [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:37:27.0775 4128  Net Driver HPZ12 - ok
20:37:27.0838 4128  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:37:27.0838 4128  NetBIOS - ok
20:37:27.0885 4128  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:37:27.0885 4128  netbt - ok
20:37:27.0916 4128  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
20:37:27.0916 4128  Netlogon - ok
20:37:27.0963 4128  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
20:37:27.0978 4128  Netman - ok
20:37:28.0041 4128  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
20:37:28.0056 4128  netprofm - ok
20:37:28.0119 4128  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:37:28.0181 4128  NetTcpPortSharing - ok
20:37:28.0259 4128  [ ACC6170D80C69E50145B370023B64ED3 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
20:37:28.0399 4128  NETw3v32 - ok
20:37:28.0462 4128  [ 38D720E0C8B0ECB9A019980265679798 ] NETw4v32        C:\Windows\system32\DRIVERS\NETw4v32.sys
20:37:28.0618 4128  NETw4v32 - ok
20:37:28.0727 4128  [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
20:37:28.0821 4128  NETw5v32 - ok
20:37:28.0899 4128  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:37:28.0961 4128  nfrd960 - ok
20:37:29.0008 4128  [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:37:29.0008 4128  NisDrv - ok
20:37:29.0086 4128  [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
20:37:29.0101 4128  NisSrv - ok
20:37:29.0164 4128  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:37:29.0164 4128  NlaSvc - ok
20:37:29.0211 4128  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:37:29.0226 4128  Npfs - ok
20:37:29.0273 4128  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
20:37:29.0273 4128  nsi - ok
20:37:29.0320 4128  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:37:29.0320 4128  nsiproxy - ok
20:37:29.0398 4128  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:37:29.0585 4128  Ntfs - ok
20:37:29.0616 4128  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:37:29.0632 4128  ntrigdigi - ok
20:37:29.0679 4128  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
20:37:29.0679 4128  Null - ok
20:37:29.0725 4128  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:37:29.0788 4128  nvraid - ok
20:37:29.0819 4128  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:37:29.0881 4128  nvstor - ok
20:37:29.0897 4128  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:37:29.0959 4128  nv_agp - ok
20:37:29.0959 4128  NwlnkFlt - ok
20:37:29.0975 4128  NwlnkFwd - ok
20:37:30.0069 4128  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:37:30.0209 4128  odserv - ok
20:37:30.0271 4128  [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:37:30.0271 4128  ohci1394 - ok
20:37:30.0349 4128  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:37:30.0459 4128  ose - ok
20:37:30.0537 4128  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:37:30.0630 4128  p2pimsvc - ok
20:37:30.0661 4128  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:37:30.0677 4128  p2psvc - ok
20:37:30.0708 4128  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
20:37:30.0708 4128  Parport - ok
20:37:30.0771 4128  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:37:30.0771 4128  partmgr - ok
20:37:30.0771 4128  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:37:30.0786 4128  Parvdm - ok
20:37:30.0880 4128  [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
20:37:30.0880 4128  PassThru Service - ok
20:37:30.0927 4128  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:37:30.0927 4128  PcaSvc - ok
20:37:31.0005 4128  [ E01AFDE1E4AE2C0B194E3523DFC79C14 ] pcCMService     C:\Program Files\Common Files\Motive\pcCMService.exe
20:37:31.0005 4128  pcCMService - ok
20:37:31.0036 4128  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
20:37:31.0036 4128  pci - ok
20:37:31.0067 4128  [ 3B1901E401473E03EB8C874271E50C26 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:37:31.0129 4128  pciide - ok
20:37:31.0176 4128  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:37:31.0239 4128  pcmcia - ok
20:37:31.0301 4128  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:37:31.0317 4128  PEAUTH - ok
20:37:31.0410 4128  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
20:37:31.0457 4128  pla - ok
20:37:31.0535 4128  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:37:31.0535 4128  PlugPlay - ok
20:37:31.0597 4128  [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:37:31.0597 4128  Pml Driver HPZ12 - ok
20:37:31.0644 4128  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:37:31.0660 4128  PNRPAutoReg - ok
20:37:31.0753 4128  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:37:31.0753 4128  PNRPsvc - ok
20:37:31.0800 4128  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:37:31.0816 4128  PolicyAgent - ok
20:37:31.0878 4128  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:37:31.0878 4128  PptpMiniport - ok
20:37:31.0925 4128  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
20:37:31.0925 4128  Processor - ok
20:37:31.0987 4128  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:37:31.0987 4128  ProfSvc - ok
20:37:32.0034 4128  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:37:32.0034 4128  ProtectedStorage - ok
20:37:32.0081 4128  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:37:32.0081 4128  PSched - ok
20:37:32.0143 4128  [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
20:37:32.0143 4128  PxHelp20 - ok
20:37:32.0190 4128  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:37:32.0299 4128  ql2300 - ok
20:37:32.0315 4128  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:37:32.0362 4128  ql40xx - ok
20:37:32.0424 4128  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
20:37:32.0440 4128  QWAVE - ok
20:37:32.0487 4128  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:37:32.0549 4128  QWAVEdrv - ok
20:37:32.0596 4128  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:37:32.0596 4128  RasAcd - ok
20:37:32.0658 4128  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
20:37:32.0674 4128  RasAuto - ok
20:37:32.0721 4128  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:37:32.0736 4128  Rasl2tp - ok
20:37:32.0783 4128  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
20:37:32.0814 4128  RasMan - ok
20:37:32.0908 4128  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:37:32.0939 4128  RasPppoe - ok
20:37:33.0048 4128  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:37:33.0064 4128  RasSstp - ok
20:37:33.0079 4128  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:37:33.0079 4128  rdbss - ok
20:37:33.0126 4128  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:37:33.0126 4128  RDPCDD - ok
20:37:33.0189 4128  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:37:33.0204 4128  rdpdr - ok
20:37:33.0220 4128  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:37:33.0220 4128  RDPENCDD - ok
20:37:33.0251 4128  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:37:33.0267 4128  RDPWD - ok
20:37:33.0329 4128  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:37:33.0407 4128  RemoteAccess - ok
20:37:33.0438 4128  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:37:33.0454 4128  RemoteRegistry - ok
20:37:33.0532 4128  [ D85E3FA9F5B1F29BB4ED185C450D1470 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
20:37:33.0532 4128  rimmptsk - ok
20:37:33.0579 4128  [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
20:37:33.0579 4128  rimsptsk - ok
20:37:33.0610 4128  [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
20:37:33.0610 4128  rismxdp - ok
20:37:33.0688 4128  [ AD1411A7EA50F2F97A73A3F51153066E ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
20:37:33.0797 4128  RoxMediaDB9 - ok
20:37:33.0828 4128  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
20:37:33.0844 4128  RpcLocator - ok
20:37:33.0891 4128  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
20:37:33.0922 4128  RpcSs - ok
20:37:33.0953 4128  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:37:33.0953 4128  rspndr - ok
20:37:33.0969 4128  [ 3EDFB0089B9455B26154B572DB650EE3 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
20:37:34.0047 4128  RTL8192su - ok
20:37:34.0125 4128  SABKUTIL - ok
20:37:34.0140 4128  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
20:37:34.0140 4128  SamSs - ok
20:37:34.0203 4128  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:37:34.0234 4128  SASDIFSV - ok
20:37:34.0281 4128  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:37:34.0343 4128  SASKUTIL - ok
20:37:34.0374 4128  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:37:34.0437 4128  sbp2port - ok
20:37:34.0483 4128  [ C1AE5D1F53285D79A0B73A62AF20734F ] SBRE            C:\Windows\system32\drivers\SBREdrv.sys
20:37:34.0530 4128  SBRE - ok
20:37:34.0624 4128  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:37:34.0702 4128  SCardSvr - ok
20:37:34.0795 4128  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
20:37:34.0827 4128  Schedule - ok
20:37:34.0873 4128  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:37:34.0873 4128  SCPolicySvc - ok
20:37:34.0920 4128  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
20:37:34.0920 4128  sdbus - ok
20:37:34.0967 4128  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:37:34.0983 4128  SDRSVC - ok
20:37:35.0029 4128  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:37:35.0045 4128  secdrv - ok
20:37:35.0092 4128  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
20:37:35.0092 4128  seclogon - ok
20:37:35.0154 4128  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\system32\sens.dll
20:37:35.0154 4128  SENS - ok
20:37:35.0201 4128  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:37:35.0217 4128  Serenum - ok
20:37:35.0248 4128  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
20:37:35.0263 4128  Serial - ok
20:37:35.0295 4128  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:37:35.0310 4128  sermouse - ok
20:37:35.0373 4128  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:37:35.0373 4128  SessionEnv - ok
20:37:35.0419 4128  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
20:37:35.0435 4128  sffdisk - ok
20:37:35.0482 4128  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:37:35.0482 4128  sffp_mmc - ok
20:37:35.0529 4128  [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
20:37:35.0575 4128  sffp_sd - ok
20:37:35.0591 4128  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:37:35.0607 4128  sfloppy - ok
20:37:35.0653 4128  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:37:35.0716 4128  SharedAccess - ok
20:37:35.0778 4128  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:37:35.0794 4128  ShellHWDetection - ok
20:37:35.0825 4128  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:37:35.0887 4128  sisagp - ok
20:37:35.0919 4128  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:37:35.0997 4128  SiSRaid2 - ok
20:37:36.0028 4128  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:37:36.0106 4128  SiSRaid4 - ok
20:37:36.0215 4128  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
20:37:36.0262 4128  slsvc - ok
20:37:36.0309 4128  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:37:36.0324 4128  SLUINotify - ok
20:37:36.0355 4128  [ 46B40982AF166BF89C3F51FB13E60D6D ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
20:37:36.0355 4128  SmartDefragDriver - ok
20:37:36.0402 4128  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:37:36.0402 4128  Smb - ok
20:37:36.0496 4128  [ 4F5DEEFB11BDF0B905BCCE60674FC2B4 ] SmcService      C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
20:37:36.0527 4128  SmcService - ok
20:37:36.0683 4128  [ 88B46AAB883225B879BB17106D342181 ] SNAC            C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
20:37:36.0855 4128  SNAC - ok
20:37:36.0901 4128  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:37:36.0917 4128  SNMPTRAP - ok
20:37:37.0026 4128  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
20:37:37.0120 4128  Sony PC Companion - ok
20:37:37.0198 4128  [ 77780509A16A1DF7F2D8531D21DDB9B9 ] SPBBCDrv        C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
20:37:37.0260 4128  SPBBCDrv - ok
20:37:37.0291 4128  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
20:37:37.0291 4128  spldr - ok
20:37:37.0354 4128  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
20:37:37.0354 4128  Spooler - ok
20:37:37.0401 4128  [ 5E4985A84F13ABF5727BED3C50BD7031 ] SRTSP           C:\Windows\system32\Drivers\SRTSP.SYS
20:37:37.0401 4128  SRTSP - ok
20:37:37.0447 4128  [ 8117DCA2CDF9D11C441C473DC9631655 ] SRTSPL          C:\Windows\system32\Drivers\SRTSPL.SYS
20:37:37.0510 4128  SRTSPL - ok
20:37:37.0541 4128  [ 5E89104AF0DC94B659EA8EC3E66C3EEB ] SRTSPX          C:\Windows\system32\Drivers\SRTSPX.SYS
20:37:37.0541 4128  SRTSPX - ok
20:37:37.0603 4128  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:37:37.0603 4128  srv - ok
20:37:37.0666 4128  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:37:37.0666 4128  srv2 - ok
20:37:37.0697 4128  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:37:37.0713 4128  srvnet - ok
20:37:37.0728 4128  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:37:37.0744 4128  SSDPSRV - ok
20:37:37.0806 4128  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:37:37.0806 4128  SstpSvc - ok
20:37:37.0884 4128  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
20:37:37.0915 4128  stisvc - ok
20:37:37.0962 4128  [ B254B1434208F280EDF3785613DCC41B ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
20:37:37.0978 4128  stllssvr - ok
20:37:38.0009 4128  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:37:38.0009 4128  swenum - ok
20:37:38.0274 4128  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
20:37:38.0383 4128  swprv - ok
20:37:38.0477 4128  [ 2BD0FF900B443CF8EB30844F47A2B4A4 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
20:37:38.0493 4128  Symantec AntiVirus - ok
20:37:38.0524 4128  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:37:38.0539 4128  Symc8xx - ok
20:37:38.0586 4128  [ E03EE3EF1037099554D17BED99545A5E ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
20:37:38.0649 4128  SymEvent - ok
20:37:38.0680 4128  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:37:38.0758 4128  Sym_hi - ok
20:37:38.0805 4128  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:37:38.0851 4128  Sym_u3 - ok
20:37:38.0898 4128  [ F5D926807BD9BC0AF68F9376144DE425 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:37:38.0898 4128  SynTP - ok
20:37:38.0961 4128  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
20:37:38.0976 4128  SysMain - ok
20:37:39.0007 4128  [ F993E24EBBEF8E9626FBEA12A6B739F2 ] SysPlant        C:\Windows\SYSTEM32\Drivers\SysPlant.sys
20:37:39.0007 4128  SysPlant - ok
20:37:39.0054 4128  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:37:39.0070 4128  TabletInputService - ok
20:37:39.0132 4128  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:37:39.0148 4128  TapiSrv - ok
20:37:39.0210 4128  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
20:37:39.0226 4128  TBS - ok
20:37:39.0288 4128  [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:37:39.0319 4128  Tcpip - ok
20:37:39.0366 4128  [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:37:39.0366 4128  Tcpip6 - ok
20:37:39.0397 4128  [ CD21572F83F7EC6E2C20C465967BEDD9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:37:39.0397 4128  tcpipreg - ok
20:37:39.0413 4128  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:37:39.0429 4128  TDPIPE - ok
20:37:39.0475 4128  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:37:39.0663 4128  TDTCP - ok
20:37:39.0709 4128  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:37:39.0709 4128  tdx - ok
20:37:39.0787 4128  [ 213723E1A736910C644B457DE6D095E2 ] TeamViewer5     C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
20:37:39.0865 4128  TeamViewer5 - ok
20:37:39.0881 4128  [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
20:37:39.0897 4128  teamviewervpn - ok
20:37:39.0943 4128  [ 62F7D6E6F7F4EE9E300ED9A945534486 ] Teefer2         C:\Windows\system32\DRIVERS\teefer2.sys
20:37:39.0943 4128  Teefer2 - ok
20:37:39.0990 4128  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:37:39.0990 4128  TermDD - ok
20:37:40.0037 4128  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
20:37:40.0068 4128  TermService - ok
20:37:40.0084 4128  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
20:37:40.0084 4128  Themes - ok
20:37:40.0099 4128  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:37:40.0115 4128  THREADORDER - ok
20:37:40.0162 4128  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
20:37:40.0162 4128  TrkWks - ok
20:37:40.0255 4128  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:37:40.0255 4128  TrustedInstaller - ok
20:37:40.0302 4128  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:37:40.0318 4128  tssecsrv - ok
20:37:40.0380 4128  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:37:40.0380 4128  tunmp - ok
20:37:40.0443 4128  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:37:40.0443 4128  tunnel - ok
20:37:40.0489 4128  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:37:40.0599 4128  uagp35 - ok
20:37:40.0645 4128  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:37:40.0692 4128  udfs - ok
20:37:40.0739 4128  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:37:40.0770 4128  UI0Detect - ok
20:37:40.0801 4128  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:37:40.0864 4128  uliagpkx - ok
20:37:40.0895 4128  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:37:40.0989 4128  uliahci - ok
20:37:41.0004 4128  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:37:41.0082 4128  UlSata - ok
20:37:41.0113 4128  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:37:46.0183 4128  ================ Scan global ===============================
20:37:46.0339 4128  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:37:46.0402 4128  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:37:46.0449 4128  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:37:46.0495 4128  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:37:46.0495 4128  [Global] - ok
20:37:46.0495 4128  ================ Scan MBR ==================================
20:37:46.0511 4128  [ 1A1A06F62E891045814007163C1C76C3 ] \Device\Harddisk0\DR0
20:37:48.0258 4128  \Device\Harddisk0\DR0 - ok
20:37:48.0258 4128  ================ Scan VBR ==================================
20:37:48.0336 4128  [ DD9C0D39DBB8DB234336940154D7B022 ] \Device\Harddisk0\DR0\Partition1
20:37:48.0336 4128  \Device\Harddisk0\DR0\Partition1 - ok
20:37:48.0383 4128  [ 4515DF801EF1097CB88A0575C7C83050 ] \Device\Harddisk0\DR0\Partition2
20:37:48.0399 4128  \Device\Harddisk0\DR0\Partition2 - ok
20:37:48.0399 4128  ============================================================
20:37:48.0399 4128  Scan finished
20:37:48.0399 4128  ============================================================
20:37:48.0414 4176  Detected object count: 0
20:37:48.0414 4176  Actual detected object count: 0

 

Mini Toolbox:

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Mike (administrator) on 10-03-2013 at 20:48:56
Running from "C:\Users\Mike\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection 2 (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)
TeamViewer VPN Adapter = TeamViewer VPN (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Mike-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TeamViewer VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-45-91-03-EC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection #2
   Physical Address. . . . . . . . . : 00-18-DE-C5-8F-07
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::acc5:dfde:7d67:1a69%19(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, March 10, 2013 3:09:05 PM
   Lease Expires . . . . . . . . . . : Monday, March 11, 2013 3:09:05 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 419436766
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-87-61-65-00-16-36-C7-17-14
   DNS Servers . . . . . . . . . . . : 68.105.28.12
                                       68.105.29.12
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
   Physical Address. . . . . . . . . : 00-16-36-C7-17-14
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.no.cox.net
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{B98CE047-B5BE-4482-958A-EAAD4FF4310A}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns2.cox.net
Address:  68.105.28.12

Name:    google.com
Addresses:  2001:4860:4002:802::1000
   74.125.227.78
   74.125.227.64
   74.125.227.65
   74.125.227.66
   74.125.227.67
   74.125.227.68
   74.125.227.69
   74.125.227.70
   74.125.227.71
   74.125.227.72
   74.125.227.73

 

Pinging google.com [74.125.225.224] with 32 bytes of data:

Reply from 74.125.225.224: bytes=32 time=108ms TTL=55

Reply from 74.125.225.224: bytes=32 time=46ms TTL=55

 

Ping statistics for 74.125.225.224:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 46ms, Maximum = 108ms, Average = 77ms

Server:  cdns2.cox.net
Address:  68.105.28.12

Name:    yahoo.com
Addresses:  98.139.183.24
   206.190.36.45
   98.138.253.109

 

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=237ms TTL=51

Reply from 206.190.36.45: bytes=32 time=114ms TTL=51

 

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 114ms, Maximum = 237ms, Average = 175ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=32ms TTL=128

Reply from 127.0.0.1: bytes=32 time=6ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 6ms, Maximum = 32ms, Average = 19ms

===========================================================================
Interface List
 28 ...00 ff 45 91 03 ec ...... TeamViewer VPN Adapter
 19 ...00 18 de c5 8f 07 ...... Intel® PRO/Wireless 3945ABG Network Connection #2
  8 ...00 16 36 c7 17 14 ...... Intel® PRO/100 VE Network Connection
  1 ........................... Software Loopback Interface 1
 10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 27 ...00 00 00 00 00 00 00 e0  isatap.no.cox.net
 26 ...00 00 00 00 00 00 00 e0  isatap.{B98CE047-B5BE-4482-958A-EAAD4FF4310A}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.102     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.102    281
    192.168.1.102  255.255.255.255         On-link     192.168.1.102    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.102    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.102    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.102    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 19    281 fe80::/64                On-link
 19    281 fe80::acc5:dfde:7d67:1a69/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/10/2013 03:56:34 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (03/10/2013 03:56:28 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/10/2013 03:13:47 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan.  Action: Clean failed : Quarantine failed : Access denied.  Action Description: The file was left unchanged.

Error: (03/10/2013 03:13:46 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan.  Action: Clean failed : Quarantine failed : Access denied.  Action Description: The file was left unchanged.

Error: (03/10/2013 03:13:41 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan.  Action: Clean failed : Quarantine failed : Access denied.  Action Description: The file was left unchanged.

Error: (03/10/2013 02:20:43 PM) (Source: Symantec AntiVirus) (User: Mike-PC)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target:  C:\Program Files\Common Files\Symantec Shared\COH\COH32.exe
Event Info:  Set Information Process
Action Taken:  Logged
Actor Process:  C:\Program Files\Process Lasso\ProcessGovernor.exe (PID 5436)
Time:  Sunday, March 10, 2013  2:20:43 PM

Error: (03/10/2013 01:40:59 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan.  Action: Clean failed : Quarantine failed : Access denied.  Action Description: The file was left unchanged.

Error: (03/10/2013 01:40:56 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan.  Action: Clean failed : Quarantine failed : Access denied.  Action Description: The file was left unchanged.

Error: (03/10/2013 01:40:40 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan.  Action: Clean failed : Quarantine failed : Access denied.  Action Description: The file was left unchanged.

Error: (03/10/2013 10:20:10 AM) (Source: Symantec AntiVirus) (User: Mike-PC)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target:  C:\Program Files\Common Files\Symantec Shared\COH\COH32.exe
Event Info:  Set Information Process
Action Taken:  Logged
Actor Process:  C:\Program Files\Process Lasso\ProcessGovernor.exe (PID 5436)
Time:  Sunday, March 10, 2013  10:20:10 AM


System errors:
=============
Error: (03/10/2013 08:52:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/10/2013 08:42:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/10/2013 08:32:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/10/2013 08:22:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/10/2013 08:12:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/10/2013 08:02:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/10/2013 07:52:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/10/2013 07:42:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/10/2013 07:32:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/10/2013 07:22:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-03-10 14:12:47.303
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 14:12:46.975
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 14:12:46.679
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 14:12:46.367
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 14:12:45.992
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 14:12:45.665
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 13:10:29.720
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Lavasoft\Ad-Aware\Update\Drivers\i386\sbapifs.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 13:10:29.392
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Lavasoft\Ad-Aware\Update\Drivers\i386\sbapifs.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 13:10:29.049
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Lavasoft\Ad-Aware\Update\Drivers\i386\sbapifs.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-10 13:10:28.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Lavasoft\Ad-Aware\Update\Drivers\i386\sbapifs.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
2010 Tax Program (Version: 2010.00)
32 Bit HP BiDi Channel Components Installer (Version: 1.1.0.2)
Acrobat.com (Version: 1.7.258)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Ad-Aware
Ad-Aware (Version: 8.2.0)
Adobe Acrobat 9 Pro (Version: 9.5.2)
Adobe Acrobat 9.5.2 - CPSID_83708
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.171)
Adobe Flash Player 11 Plugin (Version: 11.6.602.171)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Advanced SystemCare 3 (Version: 3.7.0)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ASL_HS_Installer32 (Version: 1.0.9)
ATT Management Agent (Version: 8.2.1.6)
Attachmate EXTRA! X-treme 8 (Version: 8.0.0.0000)
AutoUpdate (Version: 1.0)
AV Video Morpher
Avidemux 2.5 (32-bit) (Version: 2.5.4.7200)
CCleaner (Version: 3.28)
Cleanse Uninstaller Pro 6.5  (Version: )
CodeStuff Starter (Version: 5.6.2.9)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio
CPUID CPU-Z 1.51
Dell Photo AIO Printer 962
DivX (Version: 5.2.1)
DPWIPER 1.05 (Version: 1.05)
DVD Shrink 3.2
ESET Online Scanner v3
EVEREST Home Edition v2.20 (Version: 2.20)
Find Files Containing Your Specified Text Software
FormatFactory 2.30 (Version: 2.30)
FreeOCR 3.0 (Version: 3.0)
GIMP 2.6.8
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.135)
HDAUDIO Soft Data Fax Modem with SmartCP
HP Active Support Library (Version: 3.1.9.1)
HP Color LaserJet CP2020 Series 1.0 (Version: 1.0)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Games (Version: 1.0.0.66)
HP Help and Support (Version: 2.0.9.0)
HP Product Detection (Version: 9.7.2)
HP Total Care Advisor (Version: 1.0.94)
HP Update (Version: 4.000.012.001)
HP User Guide 0048 (Version: 1.02.0001)
HP Wireless Assistant (Version: 3.00 H3)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HPNetworkAssistant (Version: 1.1.70)
hppFonts (Version: 001.001.00056)
hppLaserJetService (Version: 001.001.0.0)
hppManualsCP2020 (Version: 001.000.00112)
hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0)
hppPQVideoCP2020 (Version: 001.000.00112)
hppQFolderCP2020 (Version: 1.00.0000)
hppTLBXFXCP2020 (Version: 001.012.00091)
hppusgCP2020 (Version: 000.000.00011)
hppusgP1100P1560P1600Series (Version: 1.0.0.1)
HPSSupply (Version: 100.0.170.000)
hpzTLBXFX (Version: 004.012.00146)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.021)
HypnoStudio1
iCare Data Recovery Software3.6.2
Intel® Graphics Media Accelerator Driver
Intel® Network Connections Drivers
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
LightScribe  1.4.124.1 (Version: 1.4.124.1)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.61)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
McAfee SiteAdvisor (Version: 2.9.258)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
My HP Games (Version: HPLAP0304)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Process Lasso (Version: 3.84.3)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.55.90.70)
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator Basic v9 (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator EasyArchive (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Express Labeler 3 (Version: 2.1.0)
Roxio MyDVD Basic v9 (Version: 9.0.114)
Shop for HP Supplies (Version: 10.0)
SimpleOCR 3.1
Smart Defrag 2 (Version: 2.2)
Sonic Activation Module (Version: 1.0)
Sony Ericsson Update Engine (Version: 2.12.5.57)
Sony PC Companion 2.10.079 (Version: 2.10.079)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 5.5.1012)
swMSM (Version: 12.0.0.1)
Symantec Endpoint Protection (Version: 11.0.3001.2224)
Synaptics Pointing Device Driver (Version: 11.0.7.0)
TeamViewer 5 (Version: 5.0.8703 )
TweakVI (Version: 1.0 build 1090)
Uberstaller 2.0.1
Uniblue RegistryBooster 2009
Uniblue RegistryBooster 2009 (Version: 3.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebReg (Version: 100.0.170.000)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner (Version: 1.0.0.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
WinUtilities 9.95 Professional Edition
WinX DVD Ripper Platinum 5.9.2
WinX HD Video Converter Deluxe 3.10.2
Youtube Music Downloader V3.2

========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 2037.31 MB
Available physical RAM: 840.49 MB
Total Pagefile: 5033.57 MB
Available Pagefile: 3136.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.2 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:291.51 GB) (Free:164.51 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:6.58 GB) (Free:0.69 GB) NTFS

========================= Users: ========================================

User accounts for \\MIKE-PC

Administrator            Guest                    Liz                     
Mike                    

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

 

 

ADWCleaner:

 

# AdwCleaner v2.114 - Logfile created 03/10/2013 at 21:00:16
# Updated 05/03/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Mike - MIKE-PC
# Boot Mode : Normal
# Running from : C:\Users\Mike\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Tarma Installer

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\8o98e2tl.default\prefs.js

C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\8o98e2tl.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1340 octets] - [10/03/2013 21:00:16]

########## EOF - C:\AdwCleaner[S1].txt - [1400 octets] ##########

 

 

ESET Scanner:

 

C:\downloads\smart-defrag-setup-beta.exe Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\downloads\wuinstall.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\My 32GB Drive 6-14-2009\DCC Desktop 7-15-2008\Desktop stuff\Jump Drive\Tools\Nero Burning ROM v6.0.0.0 Ultra Edition Keygen\Keygen.exe a variant of Win32/Keygen.CY application cleaned by deleting - quarantined
C:\My 32GB Drive 6-14-2009\DCC Desktop 7-15-2008\JUMP 9-17-2007\MIKE (G)\Tools\Nero Burning ROM v6.0.0.0 Ultra Edition Keygen\Keygen.exe a variant of Win32/Keygen.CY application cleaned by deleting - quarantined
C:\My 32GB Drive 6-14-2009\DCC Desktop 7-15-2008\Jumpdrive 8-31-2006\MIKE (G)\Tools\Nero Burning ROM v6.0.0.0 Ultra Edition Keygen\Keygen.exe a variant of Win32/Keygen.CY application cleaned by deleting - quarantined
C:\My 32GB Drive 6-14-2009\DCC Desktop 7-15-2008\Lexar 7-15-2008\Tools\Nero Burning ROM v6.0.0.0 Ultra Edition Keygen\Keygen.exe a variant of Win32/Keygen.CY application cleaned by deleting - quarantined
C:\My 32GB Drive 6-14-2009\DCC Desktop 7-15-2008\Mike's Stuff\pen drive\Tools\Nero Burning ROM v6.0.0.0 Ultra Edition Keygen\Keygen.exe a variant of Win32/Keygen.CY application cleaned by deleting - quarantined
C:\My 32GB Drive 6-14-2009\MY DRIVE\Tools\Nero Burning ROM v6.0.0.0 Ultra Edition Keygen\Keygen.exe a variant of Win32/Keygen.CY application cleaned by deleting - quarantined
C:\Users\Mike\Desktop\FOLDERS\MY DRIVE\1-2009\Tools\Nero Burning ROM v6.0.0.0 Ultra Edition Keygen\Keygen.exe a variant of Win32/Keygen.CY application cleaned by deleting - quarantined
C:\Users\Mike\Downloads\cpuz_151_setup.exe a variant of Win32/Bundled.Toolbar.Ask.A application cleaned by deleting - quarantined
C:\Users\Mike\Downloads\FFSetup230.zip multiple threats deleted - quarantined
C:\Users\Mike\Downloads\filehelper_setup_dat.exe multiple threats cleaned by deleting - quarantined
C:\Users\Mike\Downloads\Nero_BurningROM-10.0.11000_trial.exe a variant of Win32/Bundled.Toolbar.Ask.A application cleaned by deleting - quarantined
C:\Users\Mike\Downloads\sd2-setup220.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\Mike\Downloads\wuinstall.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined

 



#4 boopme

Posted 11 March 2013 - 09:08 PM

Using key generators is infecting you.

That's why it's free. Free for them to steal your personal information.

IMPORTANT NOTE: The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

Before we can continue, I need you to remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so we need to ensure they have been removed.

Using these types of programs or the websites you visited to get them is almost a guaranteed way to get yourself infected!!
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#5 boopme

Posted 11 March 2013 - 09:13 PM

I see Minitoolbox did not post properly.
I also meant to ask if you do banking or financials on here??
 
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Junkware Removal Tool
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.


#6 psychoguy2009

Posted 11 March 2013 - 10:30 PM

I have never been on sites like warez, etc.  The key generators were downloaded by my daughter over three years ago, so I am not sure if there are others, nor what programs they are associated with. She graduated and no longer lives with me, and does not have access to my laptop.  Please don't think that I have an attitude, I am just trying to provide you with all the information I have.

 

I have been using this laptop to do all my banking and financial transactions until this month because of the slowness and crashing.

 

Mini Toolbox:

 

MiniToolBox by Farbar Version:05-03-2013
Ran by Mike (administrator) on 11-03-2013 at 21:30:39
Running from "C:\Users\Mike\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection 2 (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)
TeamViewer VPN Adapter = TeamViewer VPN (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : Mike-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TeamViewer VPN Adapter
Physical Address. . . . . . . . . : 00-FF-45-91-03-EC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection #2
Physical Address. . . . . . . . . : 00-18-DE-C5-8F-07
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::acc5:dfde:7d67:1a69%19(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, March 10, 2013 9:04:27 PM
Lease Expires . . . . . . . . . . : Tuesday, March 12, 2013 9:19:54 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 419436766
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-87-61-65-00-16-36-C7-17-14
DNS Servers . . . . . . . . . . . : 68.105.28.12
68.105.29.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-16-36-C7-17-14
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.no.cox.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{B98CE047-B5BE-4482-958A-EAAD4FF4310A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns2.cox.net
Address: 68.105.28.12

Name: google.com
Addresses: 2001:4860:4002:802::1008
74.125.225.232
74.125.225.233
74.125.225.238
74.125.225.224
74.125.225.225
74.125.225.226
74.125.225.227
74.125.225.228
74.125.225.229
74.125.225.230
74.125.225.231

Pinging google.com [74.125.225.228] with 32 bytes of data:

Reply from 74.125.225.228: bytes=32 time=66ms TTL=55

Reply from 74.125.225.228: bytes=32 time=50ms TTL=55

Ping statistics for 74.125.225.228:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 50ms, Maximum = 66ms, Average = 58ms

Server: cdns2.cox.net
Address: 68.105.28.12

Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=181ms TTL=51

Reply from 206.190.36.45: bytes=32 time=183ms TTL=51

Ping statistics for 206.190.36.45:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 181ms, Maximum = 183ms, Average = 182ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=38ms TTL=128

Reply from 127.0.0.1: bytes=32 time=8ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 8ms, Maximum = 38ms, Average = 23ms

===========================================================================
Interface List
28 ...00 ff 45 91 03 ec ...... TeamViewer VPN Adapter
19 ...00 18 de c5 8f 07 ...... Intel® PRO/Wireless 3945ABG Network Connection #2
8 ...00 16 36 c7 17 14 ...... Intel® PRO/100 VE Network Connection
1 ........................... Software Loopback Interface 1
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
27 ...00 00 00 00 00 00 00 e0 isatap.no.cox.net
26 ...00 00 00 00 00 00 00 e0 isatap.{B98CE047-B5BE-4482-958A-EAAD4FF4310A}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.102 281
192.168.1.102 255.255.255.255 On-link 192.168.1.102 281
192.168.1.255 255.255.255.255 On-link 192.168.1.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
19 281 fe80::/64 On-link
19 281 fe80::acc5:dfde:7d67:1a69/128
On-link
1 306 ff00::/8 On-link
19 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/11/2013 07:08:25 AM) (Source: Symantec AntiVirus) (User: )
Description: TruScan has generated an error: code 14: description: CAL Failure

Error: (03/11/2013 04:21:57 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (03/11/2013 04:21:52 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (03/11/2013 04:21:46 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (03/11/2013 04:20:29 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (03/10/2013 09:15:48 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (03/10/2013 09:11:47 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (03/10/2013 09:07:33 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (03/10/2013 09:00:21 PM) (Source: Symantec AntiVirus) (User: Mike-PC)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
Event Info: Terminate Process
Action Taken: Logged
Actor Process: C:\Users\Mike\Desktop\AdwCleaner.exe (PID 4516)
Time: Sunday, March 10, 2013 9:00:21 PM

Error: (03/10/2013 09:00:21 PM) (Source: Symantec AntiVirus) (User: Mike-PC)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Event Info: Terminate Process
Action Taken: Logged
Actor Process: C:\Users\Mike\Desktop\AdwCleaner.exe (PID 4516)
Time: Sunday, March 10, 2013 9:00:21 PM


System errors:
=============
Error: (03/11/2013 09:27:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/11/2013 09:17:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/11/2013 09:07:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/11/2013 08:57:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/11/2013 08:47:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/11/2013 08:37:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/11/2013 08:27:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/11/2013 08:17:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/11/2013 08:07:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/11/2013 07:57:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-03-10 14:12:47.303
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-10 14:12:46.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-10 14:12:46.679
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-10 14:12:46.367
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-10 14:12:45.992
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-10 14:12:45.665
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-10 13:10:29.720
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Lavasoft\Ad-Aware\Update\Drivers\i386\sbapifs.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-10 13:10:29.392
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Lavasoft\Ad-Aware\Update\Drivers\i386\sbapifs.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-10 13:10:29.049
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Lavasoft\Ad-Aware\Update\Drivers\i386\sbapifs.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-10 13:10:28.721
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Lavasoft\Ad-Aware\Update\Drivers\i386\sbapifs.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
2010 Tax Program (Version: 2010.00)
32 Bit HP BiDi Channel Components Installer (Version: 1.1.0.2)
Acrobat.com (Version: 1.7.258)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Ad-Aware
Ad-Aware (Version: 8.2.0)
Adobe Acrobat 9 Pro (Version: 9.5.2)
Adobe Acrobat 9.5.2 - CPSID_83708
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.171)
Adobe Flash Player 11 Plugin (Version: 11.6.602.171)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Advanced SystemCare 3 (Version: 3.7.0)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ASL_HS_Installer32 (Version: 1.0.9)
ATT Management Agent (Version: 8.2.1.6)
Attachmate EXTRA! X-treme 8 (Version: 8.0.0.0000)
AutoUpdate (Version: 1.0)
AV Video Morpher
Avidemux 2.5 (32-bit) (Version: 2.5.4.7200)
CCleaner (Version: 3.28)
Cleanse Uninstaller Pro 6.5 (Version: )
CodeStuff Starter (Version: 5.6.2.9)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio
CPUID CPU-Z 1.51
Dell Photo AIO Printer 962
DivX (Version: 5.2.1)
DPWIPER 1.05 (Version: 1.05)
DVD Shrink 3.2
ESET Online Scanner v3
EVEREST Home Edition v2.20 (Version: 2.20)
Find Files Containing Your Specified Text Software
FormatFactory 2.30 (Version: 2.30)
FreeOCR 3.0 (Version: 3.0)
GIMP 2.6.8
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.135)
HDAUDIO Soft Data Fax Modem with SmartCP
HP Active Support Library (Version: 3.1.9.1)
HP Color LaserJet CP2020 Series 1.0 (Version: 1.0)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Games (Version: 1.0.0.66)
HP Help and Support (Version: 2.0.9.0)
HP Product Detection (Version: 9.7.2)
HP Total Care Advisor (Version: 1.0.94)
HP Update (Version: 4.000.012.001)
HP User Guide 0048 (Version: 1.02.0001)
HP Wireless Assistant (Version: 3.00 H3)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HPNetworkAssistant (Version: 1.1.70)
hppFonts (Version: 001.001.00056)
hppLaserJetService (Version: 001.001.0.0)
hppManualsCP2020 (Version: 001.000.00112)
hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0)
hppPQVideoCP2020 (Version: 001.000.00112)
hppQFolderCP2020 (Version: 1.00.0000)
hppTLBXFXCP2020 (Version: 001.012.00091)
hppusgCP2020 (Version: 000.000.00011)
hppusgP1100P1560P1600Series (Version: 1.0.0.1)
HPSSupply (Version: 100.0.170.000)
hpzTLBXFX (Version: 004.012.00146)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.021)
HypnoStudio1
iCare Data Recovery Software3.6.2
Intel® Graphics Media Accelerator Driver
Intel® Network Connections Drivers
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
LightScribe 1.4.124.1 (Version: 1.4.124.1)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.61)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
McAfee SiteAdvisor (Version: 2.9.258)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
My HP Games (Version: HPLAP0304)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Process Lasso (Version: 3.84.3)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.55.90.70)
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator Basic v9 (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator EasyArchive (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Express Labeler 3 (Version: 2.1.0)
Roxio MyDVD Basic v9 (Version: 9.0.114)
Shop for HP Supplies (Version: 10.0)
SimpleOCR 3.1
Smart Defrag 2 (Version: 2.2)
Sonic Activation Module (Version: 1.0)
Sony Ericsson Update Engine (Version: 2.12.5.57)
Sony PC Companion 2.10.079 (Version: 2.10.079)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 5.5.1012)
swMSM (Version: 12.0.0.1)
Symantec Endpoint Protection (Version: 11.0.3001.2224)
Synaptics Pointing Device Driver (Version: 11.0.7.0)
TeamViewer 5 (Version: 5.0.8703 )
TweakVI (Version: 1.0 build 1090)
Uberstaller 2.0.1
Uniblue RegistryBooster 2009
Uniblue RegistryBooster 2009 (Version: 3.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebReg (Version: 100.0.170.000)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner (Version: 1.0.0.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
WinUtilities 9.95 Professional Edition
WinX DVD Ripper Platinum 5.9.2
WinX HD Video Converter Deluxe 3.10.2
Youtube Music Downloader V3.2

========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 2037.31 MB
Available physical RAM: 855.48 MB
Total Pagefile: 5029.6 MB
Available Pagefile: 3297.1 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.2 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:291.51 GB) (Free:162.12 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:6.58 GB) (Free:0.69 GB) NTFS

========================= Users: ========================================

User accounts for \\MIKE-PC

Administrator Guest Liz
Mike


**** End of log ****

 

 

Junk Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.0 (03.11.2013:1)
OS: Windows Vista ™ Home Premium x86
Ran by Mike on Mon 03/11/2013 at 21:45:02.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\Mike\AppData\Roaming\mozilla\firefox\profiles\8o98e2tl.default\minidumps [6 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/11/2013 at 21:52:32.98
End of JRT log

 

TFC

Getting user folders.

Stopping running processes.

Emptying Temp folders.

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Liz
->Temporary Internet Files folder emptied: 45223 bytes

User: Mike
->Temp folder emptied: 1450321 bytes
->Temporary Internet Files folder emptied: 19300977 bytes
->Java cache emptied: 5314230 bytes
->FireFox cache emptied: 5388078 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 506 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 50774 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 243 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 0 bytes

Process complete!

Total Files Cleaned = 30.00 mb
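Added example, not part of the original thread: a Python triage of the Symantec entries in the mini log above. It lists detections the scanner could not clean or quarantine and groups Tamper Protection alerts by actor process. The three sample entries are copied from this post; the function names are hypothetical, and the entry layout is assumed to match those samples.

```python
import re
from collections import defaultdict

# Three entries copied from the mini log in this post.
SAMPLE_LOG = r"""Error: (03/10/2013 09:07:33 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\60b7087-40435caf by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.

Error: (03/10/2013 09:00:21 PM) (Source: Symantec AntiVirus) (User: Mike-PC)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
Event Info: Terminate Process
Action Taken: Logged
Actor Process: C:\Users\Mike\Desktop\AdwCleaner.exe (PID 4516)
Time: Sunday, March 10, 2013 9:00:21 PM

Error: (03/10/2013 09:00:21 PM) (Source: Symantec AntiVirus) (User: Mike-PC)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Event Info: Terminate Process
Action Taken: Logged
Actor Process: C:\Users\Mike\Desktop\AdwCleaner.exe (PID 4516)
Time: Sunday, March 10, 2013 9:00:21 PM
"""

HEADER = re.compile(
    r"^Error: \((?P<when>[^)]*)\) \(Source: (?P<source>[^)]*)\) \(User: (?P<user>[^)]*)\)")
RISK = re.compile(
    r"Security Risk Found!(?P<threat>\S+) in File: (?P<path>.+?) by: (?P<scan>.+?)\. "
    r"Action: (?P<action>.+?)\. Action Description: (?P<outcome>.+)")
FIELD = re.compile(r"(?m)^(Target|Event Info|Action Taken|Actor Process): (.*)$")
ACTOR = re.compile(r"^(?P<image>.*?) \(PID (?P<pid>\d+)\)$")


def parse_entries(text):
    """Split the log on 'Error: (' headers and classify each entry."""
    entries = []
    for block in re.split(r"(?m)^(?=Error: \()", text):
        head = HEADER.match(block)
        if not head:
            continue  # leading text or a section title, not an entry
        entry = dict(head.groupdict(), kind="other")
        risk = RISK.search(block)
        if risk:
            entry.update(risk.groupdict(), kind="detection")
        elif "TAMPER PROTECTION ALERT" in block:
            fields = {k.lower().replace(" ", "_"): v.strip()
                      for k, v in FIELD.findall(block)}
            entry.update(fields, kind="tamper")
        entries.append(entry)
    return entries


def unresolved_detections(entries):
    """Detections where remediation failed, so the file is still on disk."""
    return [e for e in entries
            if e["kind"] == "detection"
            and ("failed" in e["action"].lower()
                 or "left unchanged" in e["outcome"].lower())]


def tamper_targets_by_actor(entries):
    """Map each actor image path to the (event, protected target) pairs it caused."""
    by_actor = defaultdict(list)
    for e in entries:
        if e["kind"] != "tamper":
            continue
        raw = e.get("actor_process", "unknown")
        m = ACTOR.match(raw)
        by_actor[m.group("image") if m else raw].append(
            (e.get("event_info"), e.get("target")))
    return dict(by_actor)


if __name__ == "__main__":
    entries = parse_entries(SAMPLE_LOG)
    for d in unresolved_detections(entries):
        print(f"UNRESOLVED {d['when']} {d['threat']} -> {d['path']} ({d['action']})")
    for actor, hits in tamper_targets_by_actor(entries).items():
        print(f"TAMPER actor={actor}")
        for event, target in hits:
            print(f"    {event}: {target}")
```

Grouping by actor shows whether a tamper alert came from a tool the user ran deliberately or from a process nobody recognises, and the unresolved list shows which detections still need the file removed by other means.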



#7 boopme


Posted 12 March 2013 - 10:20 PM

Hello, that's fine, and I am not scolding, only advising, as many feel that they are getting something for nothing, but in reality they want to steal from people by installing malware.

Your Symantec Endpoint Protection looks outdated. Do you pay for this or is it a leftover also?

You also have another AV installed, Microsoft Security Essentials.

Have you run the SUPERAntiSpyware program that is installed? It's a good tool.

Fortunately there were no infostealers found, so banking is OK.

We need to remove some things as they are old and allow malware exploits. Go into Control Panel ... Remove Programs...

Uninstall........

Uniblue RegistryBooster 2009
Uniblue RegistryBooster 2009 (Version: 3.0) These are actually just bad tools; CCleaner is better.

Java™ 6 Update 26 (Version: 6.0.260)

Adobe Reader X

Reboot

Install Adobe Reader XI

Java Version 7 Update 17

I suggest that you un-check the box "Install the ??? Toolbar or any browser" before proceeding with those installs when you are at the download page.

Does Norton still see anything?



#8 psychoguy2009


Posted 12 March 2013 - 10:54 PM

The Symantec was provided by my employer, though they have since switched to McAfee. I thought the Symantec was still updating so I didn't see any reason to change it. I have access to McAfee if you think it is better, I just had the idea that it was more of a resource hog.

 

The Microsoft Essentials is active because I thought it replaced Defender.  Should I not have both running?  If not, which is better, Symantec, McAfee, or Essentials?

 

I have removed the Uniblue Registry Booster, Adobe Reader X, and the Java 6 update.  Was there anything else I need to remove?  That part of your post seemed a little jumbled.

 

I am currently running a full scan with SUPERAntiSpyware, though I do run the quick scan on a fairly regular basis.  I have the paid versions of it and Malwarebytes (not cracked LOL).

 

Norton flashed a window about trojans last night when I was running one of the programs that you directed me to run, but it disappeared before I could get a screen shot when the program caused the desktop to flash off and on.



#9 psychoguy2009


Posted 13 March 2013 - 04:29 AM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/13/2013 at 01:50 AM

Application Version : 5.6.1014

Core Rules Database Version : 10120
Trace Rules Database Version: 7932

Scan type       : Complete Scan
Total Scan Time : 03:16:41

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned      : 692
Memory threats detected   : 0
Registry items scanned    : 40449
Registry threats detected : 0
File items scanned        : 178304
File threats detected     : 3

Adware.Tracking Cookie
 C:\USERS\MIKE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9C673ULF.txt [ Cookie:mike@invitemedia.com/ ]
 C:\USERS\MIKE\AppData\Roaming\Microsoft\Windows\Cookies\Low\2K3OOWNB.txt [ Cookie:mike@accounts.google.com/ ]
 C:\USERS\MIKE\AppData\Roaming\Microsoft\Windows\Cookies\Low\D3POF98F.txt [ Cookie:mike@eset.122.2o7.net/ ]



#10 psychoguy2009


Posted 13 March 2013 - 08:03 AM

Apparently, Windows Vista does not meet the specs for Adobe Reader XI. When I tried to download Reader XI, the Adobe website redirected me to the Reader X download. I checked the technical requirements for Reader XI, and Vista does not appear to be supported. This is what I found:

 

Adobe Reader XI system requirements

These system requirements are for Adobe® Reader® XI software, v11.0. Because system requirements change with each software update, refer to the Release Notes for your software version for the latest information on supported operating systems and browsers. Technical specifications are also available for the mobile version of Adobe Reader.

Windows
  • 1.3GHz or faster processor
  • Microsoft® Windows® XP with Service Pack 3 for 32 bit or Service Pack 2 for 64 bit; Windows Server® 2003 R2 (32 bit and 64 bit); Windows Server 2008 or 2008 R2 (32 bit and 64 bit); Windows 7 (32 bit and 64 bit); Windows 8 (32 bit and 64 bit)
  • 256MB of RAM (512MB recommended)
  • 320MB of available hard-disk space
  • 1024x768 screen resolution
  • Internet Explorer 7, 8, 9, or 10; Firefox Extended Support Release; Chrome


#11 boopme


Posted 13 March 2013 - 12:08 PM

Well, I learned something there on Vista too!

The machine looks clean.

I saw that Symantec was at Version 12 so I asked. As they are paying I'd keep Symantec. But I noticed a lot of errors in the post 6 Mini log, so I think you should reinstall it.

If MSE is playing nice then perhaps no need to worry. Generally 2 AVs will conflict and slow the machine down.

Do you have a Vista install disc?

I want to run SFC.

Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users: The command needs to be run from an Elevated Command Prompt. Click Start, type cmd into the Start/Search box, right-click cmd.exe in the list above and select 'Run as Administrator'.

You will need your operating system CD handy.

Open Windows Task Manager by pressing CTRL+SHIFT+ESC

Then click File, then New Task (Run)

In the box that opens type sfc /scannow (there is a space between c and /)

Click OK
Let it run and insert the CD when asked.


Edited by boopme, 14 March 2013 - 07:49 PM.


#12 psychoguy2009


Posted 13 March 2013 - 10:44 PM

I finally found my HP System Recovery disc with Vista, ran the SFC scan, and it did not ask me for the disc. It said "Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS log. The system file repair changes will take effect after the next reboot."

 

I rebooted the system and ran the scan again, and got the same message regarding corrupt files.
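Added example, not part of the original thread: the SFC message quoted above points to the CBS log, and this Python script extracts the `[SR]` entries for files SFC could not repair, deduplicating repeated reports. The log lines are constructed samples in the format SFC writes to `%windir%\Logs\CBS\CBS.log` on Vista; the file, component and package names are illustrative and not from this machine, and the function names are hypothetical.

```python
import re

# Constructed sample lines (illustrative names, not taken from the thread).
SAMPLE_CBS = """\
2013-03-13 22:31:00, Info                  CBS    Starting TrustedInstaller initialization.
2013-03-13 22:31:02, Info                  CSI    00000150 [SR] Verifying 100 (0x00000064) components
2013-03-13 22:31:02, Info                  CSI    00000151 [SR] Beginning Verify and Repair transaction
2013-03-13 22:31:05, Info                  CSI    00000153 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-03-13 22:31:05, Info                  CSI    00000154 [SR] This component was referenced by [l:90{45}]"Package_EXAMPLE~31bf3856ad364e35~x86~~0.0.0.0"
2013-03-13 22:31:07, Info                  CSI    00000156 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-03-13 22:31:07, Info                  CSI    00000157 [SR] This component was referenced by [l:90{45}]"Package_EXAMPLE~31bf3856ad364e35~x86~~0.0.0.0"
2013-03-13 22:31:09, Info                  CSI    00000159 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-03-13 22:31:10, Info                  CSI    0000015a [SR] Verify complete
"""

# Timestamp, level, the CSI tag, an 8-hex-digit sequence number, then the [SR] message.
SR_LINE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d), \w+\s+CSI\s+[0-9a-f]{8} \[SR\] (?P<msg>.*)$")
CANNOT = re.compile(
    r'^Cannot repair member file \[l:\d+\{\d+\}\]"(?P<file>[^"]+)" of (?P<component>[^,]+), '
    r"Version = (?P<version>[^,]+),.*, (?P<reason>[^,]+)$")
REFERENCED = re.compile(r'^This component was referenced by \[l:\d+\{\d+\}\]"(?P<package>[^"]+)"$')


def sr_messages(log_text):
    """Yield (timestamp, message) for SFC's [SR] lines, skipping other CBS noise."""
    for line in log_text.splitlines():
        m = SR_LINE.match(line.rstrip())
        if m:
            yield m.group("ts"), m.group("msg")


def unrepairable_files(log_text):
    """Return one record per (file, component, version) that SFC could not repair."""
    found = {}
    current = None  # record that a following "referenced by" line belongs to
    for ts, msg in sr_messages(log_text):
        hit = CANNOT.match(msg)
        if hit:
            key = (hit["file"], hit["component"], hit["version"])
            current = found.setdefault(key, {
                "file": hit["file"], "component": hit["component"],
                "version": hit["version"], "reason": hit["reason"],
                "first_seen": ts, "reports": 0, "referenced_by": []})
            current["reports"] += 1
            continue
        ref = REFERENCED.match(msg)
        if ref and current is not None:
            if ref["package"] not in current["referenced_by"]:
                current["referenced_by"].append(ref["package"])
        else:
            current = None
    return list(found.values())


if __name__ == "__main__":
    for rec in unrepairable_files(SAMPLE_CBS):
        print(f"{rec['file']} ({rec['component']} {rec['version']}): "
              f"{rec['reason']}, reported {rec['reports']}x, "
              f"referenced by {rec['referenced_by'] or 'n/a'}")
```

On a real machine the same function can be fed the contents of the CBS log read from an elevated prompt; the resulting list names exactly which files need to be restored from known-good media.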



#13 boopme


Posted 14 March 2013 - 07:52 PM

Do you have any other system issues like this one, Windows Resource Protection?

We can try a couple things yet.

You did install Java Version 7 Update 17?

First scan with Symantec and see if it finds that again.


Edited by boopme, 14 March 2013 - 07:54 PM.


#14 psychoguy2009


Posted 15 March 2013 - 04:46 AM

Yes, I reinstalled Java with the link you provided.  I ran the Symantec full scan overnight, and it found 0 results.



#15 boopme


Posted 15 March 2013 - 02:52 PM

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:



