Daughter's Computer non responsive



#1 nwbalddog

Posted 12 March 2013 - 07:54 PM

My daughter's PC is very slow, programs will not launch.

 

I ran Malware and AVG and not seeing anything.

I tried to uninstall, now running Microsoft Essential, yet need some help please!

Thanks very much


Edited by hamluis, 13 March 2013 - 08:33 AM.
Moved from Win 7 to Am I Infected - Hamluis.


#2 eoval

Posted 12 March 2013 - 09:37 PM

Have you tried trenmicro.housecall.com? It's free, it's online, and it's always at least helpful in letting you know what infections you have (if it's not able to remove them). If you can't access the internet through normal measures, try in safe mode with networking.



#3 nwbalddog

Posted 17 March 2013 - 12:35 PM

I ran the trenmicro...found 1 item, I still have this showing on Microsoft Essentials and is not working to get rid of:

Category: Trojan

Description: This program is dangerous and executes commands from an attacker.

Recommended action: Remove this software immediately.

Items: rootkit:Alureon->Mbr::Alureon

Get more information about this item online.

 

 

I am also now w/ competing software:

 

Malware, AVG, Trenmicro, Microsoft Essentials

 

I am still really slow and bogged down

Thanks for any more help



#4 boopme

Posted 17 March 2013 - 02:42 PM

Hello, to remove this please run the following.

Please download TDSSKiller.
Launch it.
Click on Change parameters - select TDLFS file system.
Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.




Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


#5 nwbalddog

Posted 17 March 2013 - 03:01 PM

13:00:01.0512 7116 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:00:02.0136 7116 ============================================================
13:00:02.0136 7116 Current date / time: 2013/03/17 13:00:02.0136
13:00:02.0136 7116 SystemInfo:
13:00:02.0136 7116
13:00:02.0136 7116 OS Version: 6.1.7601 ServicePack: 1.0
13:00:02.0136 7116 Product type: Workstation
13:00:02.0136 7116 ComputerName: AMANDA-PC
13:00:02.0136 7116 UserName: Amanda
13:00:02.0136 7116 Windows directory: C:\Windows
13:00:02.0136 7116 System windows directory: C:\Windows
13:00:02.0136 7116 Processor architecture: Intel x86
13:00:02.0136 7116 Number of processors: 2
13:00:02.0136 7116 Page size: 0x1000
13:00:02.0136 7116 Boot type: Normal boot
13:00:02.0136 7116 ============================================================
13:00:04.0554 7116 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:00:04.0554 7116 ============================================================
13:00:04.0554 7116 \Device\Harddisk0\DR0:
13:00:04.0554 7116 MBR partitions:
13:00:04.0554 7116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23D9C201
13:00:04.0554 7116 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23D9C240, BlocksNum 0x1691481
13:00:04.0554 7116 ============================================================
13:00:04.0586 7116 C: <-> \Device\Harddisk0\DR0\Partition1
13:00:04.0632 7116 D: <-> \Device\Harddisk0\DR0\Partition2
13:00:04.0632 7116 ============================================================
13:00:04.0632 7116 Initialize success
13:00:04.0632 7116 ============================================================

 

 

# AdwCleaner v2.115 - Logfile created 03/17/2013 at 12:56:38
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Amanda - AMANDA-PC
# Boot Mode : Normal
# Running from : C:\Users\Amanda\Desktop\Dad's Computer stuff\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : IB Updater
Stopped & Deleted : WajamUpdater

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\user.js
File Deleted : C:\Windows\system32\ImhxxpComm.dll
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\IB Updater
Folder Deleted : C:\Program Files\incredibar.com
Folder Deleted : C:\Program Files\Perion
Folder Deleted : C:\Program Files\Wajam
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Deleted : C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\Amanda\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Amanda\AppData\Local\Wajam
Folder Deleted : C:\Users\Amanda\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Windows\system32\WNLT

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Google Chrome v25.0.1364.97

File : C:\Users\Amanda\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.53] : search_url =},omepage":true,"homepage_is_newtabpage":false,"session":{"restore_on_startup":4,"urls_to_r[...]

*************************

AdwCleaner[S1].txt - [17637 octets] - [17/03/2013 12:56:38]

########## EOF - C:\AdwCleaner[S1].txt - [17698 octets] ##########



#6 nwbalddog

Posted 17 March 2013 - 03:05 PM

MiniToolBox by Farbar  Version:05-03-2013
Ran by Amanda (administrator) on 17-03-2013 at 13:02:40
Running from "C:\Users\Amanda\Desktop\Dad's Computer stuff"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Connecting)
Linksys WUSB600N Wireless-N USB Network Adapter with Dual-Band ver. 2 = Wireless Network Connection 3 (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Amanda-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.wa.comcast.net.

Wireless LAN adapter Wireless Network Connection 3:

   Connection-specific DNS Suffix  . : hsd1.wa.comcast.net.
   Description . . . . . . . . . . . : Linksys WUSB600N Wireless-N USB Network Adapter with Dual-Band ver. 2 #2
   Physical Address. . . . . . . . . : 00-25-9C-0A-7D-5D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:43b7:e9b4:1234:10dc:160e:a363:384(Preferred)
   Temporary IPv6 Address. . . . . . : 2002:43b7:e9b4:1234:9982:84f2:1810:ba7e(Preferred)
   Link-local IPv6 Address . . . . . : fe80::10dc:160e:a363:384%15(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, March 17, 2013 12:58:20 PM
   Lease Expires . . . . . . . . . . : Monday, March 18, 2013 12:58:29 PM
   Default Gateway . . . . . . . . . : fe80::200:ff:fe00:0%15
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 369108380
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-AE-9E-37-00-26-18-0D-D7-20
   DNS Servers . . . . . . . . . . . : 216.146.35.240
                                       216.146.36.240
                                       75.75.75.75
                                       75.75.76.76
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.wa.comcast.net.
   Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
   Physical Address. . . . . . . . . : 00-26-18-0D-D7-20
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f45d:c171:6dd6:865%10(Deprecated)
   Autoconfiguration IPv4 Address. . : 169.254.8.101(Tentative)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.wa.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.wa.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:18b5:1d21:3f57:fe99(Preferred)
   Link-local IPv6 Address . . . . . : fe80::18b5:1d21:3f57:fe99%12(Preferred)
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  sendori-rdns1.dyndns.com
Address:  216.146.35.240

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Address:  2607:f8b0:4009:801::1002


Pinging google.com [74.125.225.128] with 32 bytes of data:
Reply from 74.125.225.128: bytes=32 time=59ms TTL=53
Reply from 74.125.225.128: bytes=32 time=61ms TTL=53

Ping statistics for 74.125.225.128:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 59ms, Maximum = 61ms, Average = 60ms
Server:  sendori-rdns1.dyndns.com
Address:  216.146.35.240

Name:    yahoo.com
Addresses:  98.139.183.24
   98.138.253.109
   206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Request timed out.
Reply from 98.139.183.24: bytes=32 time=504ms TTL=49

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 504ms, Maximum = 504ms, Average = 504ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...00 25 9c 0a 7d 5d ......Linksys WUSB600N Wireless-N USB Network Adapter with Dual-Band ver. 2 #2
 10...00 26 18 0d d7 20 ......NVIDIA nForce 10/100 Mbps Ethernet
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.102     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.102    281
    192.168.1.102  255.255.255.255         On-link     192.168.1.102    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.102    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.102    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.102    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15    281 ::/0                     fe80::200:ff:fe00:0
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6ab8:18b5:1d21:3f57:fe99/128
                                    On-link
 15     33 2002:43b7:e9b4:1234::/64 On-link
 15    281 2002:43b7:e9b4:1234:10dc:160e:a363:384/128
                                    On-link
 15    281 2002:43b7:e9b4:1234:9982:84f2:1810:ba7e/128
                                    On-link
 15    281 fe80::/64                On-link
 12    306 fe80::/64                On-link
 15    281 fe80::10dc:160e:a363:384/128
                                    On-link
 12    306 fe80::18b5:1d21:3f57:fe99/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 15    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\Sendori.dll [321384] (Sendori)
Catalog9 02 C:\Windows\system32\Sendori.dll [321384] (Sendori)
Catalog9 03 C:\Windows\system32\Sendori.dll [321384] (Sendori)
Catalog9 04 C:\Windows\system32\Sendori.dll [321384] (Sendori)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\Sendori.dll [321384] (Sendori)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/17/2013 00:58:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2013 00:50:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2013 00:49:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4316906

Error: (03/17/2013 00:49:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4316906

Error: (03/17/2013 00:49:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2013 00:48:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4301509

Error: (03/17/2013 00:48:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4301509

Error: (03/17/2013 00:48:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2013 00:48:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4285472

Error: (03/17/2013 00:48:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4285472


System errors:
=============
Error: (03/17/2013 00:58:16 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.

Error: (03/17/2013 00:52:05 PM) (Source: Service Control Manager) (User: )
Description: The Service Sendori service hung on starting.

Error: (03/17/2013 00:50:20 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.

Error: (03/17/2013 00:48:55 PM) (Source: Microsoft Antimalware) (User: )
Description: %Trojan:Win64/Alureon.gen!F60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Trojan:Win64/Alureon.gen!F603

 Name: Trojan:Win64/Alureon.gen!F

 ID: 2147649329

 Severity: %Trojan:Win64/Alureon.gen!F600

 Category: %Trojan:Win64/Alureon.gen!F602

 Path: 4.2.0223.02

 Detection Origin: 4.2.0223.04

 Detection Type: 4.2.0223.08

 Detection Source: %Trojan:Win64/Alureon.gen!F608

 User: {472D14E0-13BE-41D7-831E-6EEF991CF4D2}9

 Process Name: %Trojan:Win64/Alureon.gen!F609

 Action: {472D14E0-13BE-41D7-831E-6EEF991CF4D2}1

 Action Status:  {472D14E0-13BE-41D7-831E-6EEF991CF4D2}8

 Error Code: {472D14E0-13BE-41D7-831E-6EEF991CF4D2}3

 Error description: {472D14E0-13BE-41D7-831E-6EEF991CF4D2}4

 Signature Version: 2013-03-17T19:48:34.879Z1

 Engine Version: 2013-03-17T19:48:34.879Z2

Error: (03/17/2013 00:09:12 PM) (Source: Service Control Manager) (User: )
Description: The Pure Networks Platform Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/17/2013 10:32:16 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.

Error: (03/17/2013 10:29:02 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.

Error: (03/17/2013 10:27:08 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.145.1667.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.2.0223.00

 Source Path: 4.2.0223.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (03/17/2013 10:27:08 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.145.1667.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.2.0223.00

 Source Path: 4.2.0223.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (03/17/2013 09:45:41 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (03/17/2013 00:58:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2013 00:50:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2013 00:49:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4316906

Error: (03/17/2013 00:49:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4316906

Error: (03/17/2013 00:49:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2013 00:48:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4301509

Error: (03/17/2013 00:48:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4301509

Error: (03/17/2013 00:48:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/17/2013 00:48:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4285472

Error: (03/17/2013 00:48:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4285472


CodeIntegrity Errors:
===================================
  Date: 2013-03-17 12:46:31.296
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-17 10:32:15.437
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-17 10:29:00.607
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-17 10:26:12.693
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-17 09:45:38.464
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-14 17:28:07.105
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-12 20:50:43.867
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-12 19:29:13.001
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-12 17:40:14.950
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-12 16:56:28.420
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 1.1.0.5790)
Adobe Flash Player 10 Plugin (Version: 10.0.12.36)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Photoshop Elements 7.0 (Version: 7.0)
Adobe Photoshop.com Inspiration Browser (Version: 2.61)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Amazon Browser Bar (Version: 3.0.2012.0507)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 2012.1.2238)
AVG SafeGuard toolbar (Version: 14.2.0.1)
Belkin Wireless Driver (Version: 1.80.0000)
Belkin Wireless G PCI Adapter (Version: 2.0.0.08)
Belkin Wireless Utility (Version: 3.02.003)
Bonjour (Version: 3.0.0.10)
BuzzSocialPoints version 1.0 (Version: 1.0)
BuzzSocialPoints_DNS version 1.0 (Version: 1.0)
BuzzSocialPoints_DNS_IE (Version: 1.0.0.0)
BuzzSocialPoints_IE (Version: 1.0.0.0)
Canon Inkjet Printer Driver Add-On Module
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite Deluxe (Version: 6.0.2602)
Default Manager (Version: 1.0.105.0)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
EA Download Manager (Version: 7.2.0.32)
ESET Online Scanner v3
Flash Player Pro V5.4
Google Chrome (Version: 25.0.1364.97)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Hardware Diagnostic Tools (Version: 5.1.5144.16)
HiJackThis (Version: 1.0.0)
HP Active Support Library (Version: 3.1.10.1)
HP Advisor (Version: 3.3.12286.3436)
HP Customer Experience Enhancements (Version: 5.7.0.2945)
HP Games (Version: 1.0.0.66)
HP MediaSmart DVD (Version: 3.0.3420)
HP Odometer (Version: 2.10.0000)
HP Recovery Manager RSS (Version: 92.0.0.11)
HP Support Information (Version: 10.1.0001)
HP Total Care Setup (Version: 1.2.2854.2975)
HP Update (Version: 4.000.013.003)
HPAsset component for HP Active Support Library (Version: 3.0.1.0)
iCloud (Version: 2.1.1.3)
iTunes (Version: 11.0.2.26)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
LabelPrint (Version: 2.5.1402)
LightScribe System Software (Version: 1.18.3.2)
Linksys Wireless Manager (Version: 4.9.9131.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Live Search Toolbar (Version: 3.0.552.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.8.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Netgear WGX102 Configuration Utility (Version: 1.00.0000)
NVIDIA Drivers (Version: 1.6)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PhotoshopdotcomInspirationBrowser (Version: 0.0.0)
PictureMover (Version: 3.3.1.12)
Power2Go (Version: 6.0.2602)
PowerDirector (Version: 7.0.2611)
Pure Networks Platform (Version: 11.1.9044.0)
Python 2.6 pywin32-212 (Version: 2.12)
Python 2.6.1 (Version: 2.6.1150)
QuickTime (Version: 7.73.80.64)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5910)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.93 (Version: 1.93)
Safari (Version: 5.34.57.2)
Sendori (Version: 2.0.6)
The Sims™ 3 (Version: 1.36.45)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Fast Lane Stuff (Version: 5.0.44)
The Sims™ 3 High-End Loft Stuff (Version: 3.0.38)
The Sims™ 3 Late Night (Version: 6.5.1)
The Sims™ 3 World Adventures (Version: 2.3.33)
TuneUp 2.4.6.4 (Version: 2.4.6.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Yahoo! Detect
Zoo Tycoon: Complete Collection

========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 2942.49 MB
Available physical RAM: 1519.06 MB
Total Pagefile: 5884.98 MB
Available Pagefile: 4225.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.88 MB

========================= Partitions: =====================================

1 Drive c: (COMPAQ) (Fixed) (Total:286.8 GB) (Free:84.17 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.28 GB) (Free:1.59 GB) NTFS

========================= Users: ========================================

User accounts for \\AMANDA-PC

Administrator            Amanda                   Guest                   


**** End of log ****

 

Thanks



#7 boopme


Posted 17 March 2013 - 08:32 PM

Hello. It appears the bottom of the TDSS killer log did not get posted. Please post the last 10-20 lines.

 

Was "malware" MalwareBytes?

 

Please Un-install Java™ 6 Update 30 (Version: 6.0.300), AVG and TrendMicro thru Control Panel, Programs, Uninstall.

Reboot

Install and scan with Avira Antivir

 

I posted adwcleaner twice, sorry.

 

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link

  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.


 



#8 nwbalddog


Posted 17 March 2013 - 11:17 PM

12:46:34.0505 10088  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:46:35.0238 10088  ============================================================
12:46:35.0238 10088  Current date / time: 2013/03/17 12:46:35.0238
12:46:35.0238 10088  SystemInfo:
12:46:35.0238 10088 
12:46:35.0238 10088  OS Version: 6.1.7601 ServicePack: 1.0
12:46:35.0238 10088  Product type: Workstation
12:46:35.0238 10088  ComputerName: AMANDA-PC
12:46:35.0238 10088  UserName: Amanda
12:46:35.0238 10088  Windows directory: C:\Windows
12:46:35.0238 10088  System windows directory: C:\Windows
12:46:35.0238 10088  Processor architecture: Intel x86
12:46:35.0238 10088  Number of processors: 2
12:46:35.0238 10088  Page size: 0x1000
12:46:35.0238 10088  Boot type: Normal boot
12:46:35.0238 10088  ============================================================
12:46:37.0485 10088  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:46:37.0485 10088  ============================================================
12:46:37.0485 10088  \Device\Harddisk0\DR0:
12:46:37.0485 10088  MBR partitions:
12:46:37.0485 10088  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23D9C201
12:46:37.0485 10088  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23D9C240, BlocksNum 0x1691481
12:46:37.0485 10088  ============================================================
12:46:37.0516 10088  C: <-> \Device\Harddisk0\DR0\Partition1
12:46:37.0609 10088  D: <-> \Device\Harddisk0\DR0\Partition2
12:46:37.0609 10088  ============================================================
12:46:37.0609 10088  Initialize success
12:46:37.0609 10088  ============================================================
12:47:09.0949 8548  ============================================================
12:47:09.0949 8548  Scan started
12:47:09.0949 8548  Mode: Manual; TDLFS;
12:47:09.0949 8548  ============================================================
12:47:10.0464 8548  ================ Scan system memory ========================
12:47:10.0464 8548  System memory - ok
12:47:10.0464 8548  ================ Scan services =============================
12:47:10.0667 8548  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:47:10.0667 8548  1394ohci - ok
12:47:10.0714 8548  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:47:10.0714 8548  ACPI - ok
12:47:10.0760 8548  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:47:10.0760 8548  AcpiPmi - ok
12:47:10.0885 8548  [ 3FD8DC2C9735C2AA70155102CFB93EDA ] AdobeActiveFileMonitor7.0 C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
12:47:10.0901 8548  AdobeActiveFileMonitor7.0 - ok
12:47:11.0057 8548  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:47:11.0057 8548  AdobeARMservice - ok
12:47:11.0150 8548  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:47:11.0150 8548  AdobeFlashPlayerUpdateSvc - ok
12:47:11.0213 8548  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:47:11.0213 8548  adp94xx - ok
12:47:11.0244 8548  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:47:11.0244 8548  adpahci - ok
12:47:11.0260 8548  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:47:11.0260 8548  adpu320 - ok
12:47:11.0322 8548  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:47:11.0322 8548  AeLookupSvc - ok
12:47:11.0353 8548  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
12:47:11.0353 8548  AFD - ok
12:47:11.0416 8548  [ 9C9D3B7A05445B1AB2DF4D0C4D6B77E8 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
12:47:11.0416 8548  AgereModemAudio - ok
12:47:11.0462 8548  [ 724262247645120A28C2743B7278A91A ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
12:47:11.0494 8548  AgereSoftModem - ok
12:47:11.0525 8548  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
12:47:11.0525 8548  agp440 - ok
12:47:11.0556 8548  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
12:47:11.0556 8548  aic78xx - ok
12:47:11.0587 8548  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
12:47:11.0587 8548  ALG - ok
12:47:11.0603 8548  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:47:11.0603 8548  aliide - ok
12:47:11.0603 8548  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:47:11.0603 8548  amdagp - ok
12:47:11.0618 8548  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:47:11.0618 8548  amdide - ok
12:47:11.0634 8548  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:47:11.0634 8548  AmdK8 - ok
12:47:11.0665 8548  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:47:11.0665 8548  AmdPPM - ok
12:47:11.0696 8548  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:47:11.0696 8548  amdsata - ok
12:47:11.0712 8548  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:47:11.0712 8548  amdsbs - ok
12:47:11.0743 8548  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:47:11.0743 8548  amdxata - ok
12:47:11.0759 8548  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
12:47:11.0759 8548  AppID - ok
12:47:11.0790 8548  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:47:11.0790 8548  AppIDSvc - ok
12:47:11.0837 8548  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
12:47:11.0837 8548  Appinfo - ok
12:47:11.0930 8548  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:47:11.0930 8548  Apple Mobile Device - ok
12:47:12.0008 8548  [ DCEBADAB68650A3EC48FDC102A6D67E8 ] Application Sendori C:\Program Files\Sendori\SendoriSvc.exe
12:47:12.0102 8548  Application Sendori - ok
12:47:12.0149 8548  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:47:12.0149 8548  arc - ok
12:47:12.0164 8548  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:47:12.0164 8548  arcsas - ok
12:47:12.0211 8548  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:47:12.0227 8548  AsyncMac - ok
12:47:12.0242 8548  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
12:47:12.0242 8548  atapi - ok
12:47:12.0320 8548  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:47:12.0320 8548  AudioEndpointBuilder - ok
12:47:12.0336 8548  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:47:12.0336 8548  Audiosrv - ok
12:47:12.0492 8548  [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent     C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
12:47:12.0586 8548  AVGIDSAgent - ok
12:47:12.0617 8548  [ DB61A6ECACD9D84405D2F3E411B25409 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
12:47:12.0617 8548  avgtp - ok
12:47:12.0648 8548  [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd           C:\Program Files\AVG\AVG2012\avgwdsvc.exe
12:47:12.0648 8548  avgwd - ok
12:47:12.0710 8548  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:47:12.0710 8548  AxInstSV - ok
12:47:12.0773 8548  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
12:47:12.0773 8548  b06bdrv - ok
12:47:12.0788 8548  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
12:47:12.0788 8548  b57nd60x - ok
12:47:12.0851 8548  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:47:12.0851 8548  BDESVC - ok
12:47:12.0913 8548  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:47:12.0913 8548  Beep - ok
12:47:12.0976 8548  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
12:47:12.0976 8548  BFE - ok
12:47:13.0038 8548  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
12:47:13.0038 8548  BITS - ok
12:47:13.0054 8548  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:47:13.0054 8548  blbdrive - ok
12:47:13.0132 8548  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:47:13.0132 8548  Bonjour Service - ok
12:47:13.0163 8548  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:47:13.0163 8548  bowser - ok
12:47:13.0178 8548  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:47:13.0178 8548  BrFiltLo - ok
12:47:13.0194 8548  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:47:13.0194 8548  BrFiltUp - ok
12:47:13.0241 8548  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
12:47:13.0241 8548  BridgeMP - ok
12:47:13.0272 8548  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
12:47:13.0272 8548  Browser - ok
12:47:13.0319 8548  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:47:13.0334 8548  Brserid - ok
12:47:13.0350 8548  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:47:13.0350 8548  BrSerWdm - ok
12:47:13.0381 8548  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:47:13.0381 8548  BrUsbMdm - ok
12:47:13.0397 8548  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:47:13.0397 8548  BrUsbSer - ok
12:47:13.0412 8548  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:47:13.0412 8548  BTHMODEM - ok
12:47:13.0475 8548  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
12:47:13.0475 8548  bthserv - ok
12:47:13.0490 8548  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:47:13.0490 8548  cdfs - ok
12:47:13.0522 8548  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:47:13.0522 8548  cdrom - ok
12:47:13.0568 8548  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:47:13.0568 8548  CertPropSvc - ok
12:47:13.0584 8548  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:47:13.0584 8548  circlass - ok
12:47:13.0600 8548  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
12:47:13.0615 8548  CLFS - ok
12:47:13.0709 8548  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:47:13.0709 8548  clr_optimization_v2.0.50727_32 - ok
12:47:13.0818 8548  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:47:13.0818 8548  clr_optimization_v4.0.30319_32 - ok
12:47:13.0818 8548  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:47:13.0834 8548  CmBatt - ok
12:47:13.0849 8548  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:47:13.0849 8548  cmdide - ok
12:47:13.0880 8548  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:47:13.0880 8548  CNG - ok
12:47:13.0927 8548  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:47:13.0927 8548  Compbatt - ok
12:47:13.0974 8548  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:47:13.0974 8548  CompositeBus - ok
12:47:13.0990 8548  COMSysApp - ok
12:47:14.0005 8548  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:47:14.0005 8548  crcdisk - ok
12:47:14.0052 8548  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:47:14.0052 8548  CryptSvc - ok
12:47:14.0114 8548  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:47:14.0114 8548  DcomLaunch - ok
12:47:14.0208 8548  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:47:14.0239 8548  defragsvc - ok
12:47:14.0348 8548  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:47:14.0380 8548  DfsC - ok
12:47:14.0426 8548  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:47:14.0426 8548  Dhcp - ok
12:47:14.0473 8548  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
12:47:14.0473 8548  discache - ok
12:47:14.0504 8548  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:47:14.0504 8548  Disk - ok
12:47:14.0551 8548  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:47:14.0551 8548  Dnscache - ok
12:47:14.0598 8548  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:47:14.0598 8548  dot3svc - ok
12:47:14.0645 8548  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
12:47:14.0645 8548  DPS - ok
12:47:14.0707 8548  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:47:14.0707 8548  drmkaud - ok
12:47:14.0754 8548  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:47:14.0754 8548  DXGKrnl - ok
12:47:14.0816 8548  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
12:47:14.0816 8548  EapHost - ok
12:47:14.0926 8548  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
12:47:14.0972 8548  ebdrv - ok
12:47:15.0004 8548  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
12:47:15.0004 8548  EFS - ok
12:47:15.0097 8548  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:47:15.0113 8548  ehRecvr - ok
12:47:15.0160 8548  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
12:47:15.0175 8548  ehSched - ok
12:47:15.0191 8548  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:47:15.0206 8548  elxstor - ok
12:47:15.0222 8548  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:47:15.0222 8548  ErrDev - ok
12:47:15.0300 8548  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
12:47:15.0300 8548  EventSystem - ok
12:47:15.0347 8548  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
12:47:15.0347 8548  exfat - ok
12:47:15.0378 8548  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:47:15.0378 8548  fastfat - ok
12:47:15.0440 8548  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
12:47:15.0440 8548  Fax - ok
12:47:15.0456 8548  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:47:15.0456 8548  fdc - ok
12:47:15.0472 8548  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
12:47:15.0487 8548  fdPHost - ok
12:47:15.0487 8548  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
12:47:15.0487 8548  FDResPub - ok
12:47:15.0503 8548  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:47:15.0503 8548  FileInfo - ok
12:47:15.0518 8548  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:47:15.0518 8548  Filetrace - ok
12:47:15.0596 8548  [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:47:15.0612 8548  FLEXnet Licensing Service - ok
12:47:15.0706 8548  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:47:15.0706 8548  flpydisk - ok
12:47:15.0737 8548  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:47:15.0737 8548  FltMgr - ok
12:47:15.0768 8548  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
12:47:15.0784 8548  FontCache - ok
12:47:15.0862 8548  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:47:15.0862 8548  FontCache3.0.0.0 - ok
12:47:15.0893 8548  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:47:15.0893 8548  FsDepends - ok
12:47:15.0924 8548  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:47:15.0924 8548  Fs_Rec - ok
12:47:15.0986 8548  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:47:15.0986 8548  fvevol - ok
12:47:16.0018 8548  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:47:16.0018 8548  gagp30kx - ok
12:47:16.0158 8548  [ DB3D8979064CE299927CC1DA57E9A659 ] GameConsoleService C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
12:47:16.0283 8548  GameConsoleService - ok
12:47:16.0330 8548  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:47:16.0330 8548  GEARAspiWDM - ok
12:47:16.0392 8548  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:47:16.0392 8548  gpsvc - ok
12:47:16.0486 8548  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
12:47:16.0486 8548  gupdate - ok
12:47:16.0501 8548  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:47:16.0501 8548  gupdatem - ok
12:47:16.0564 8548  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:47:16.0564 8548  gusvc - ok
12:47:16.0579 8548  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:47:16.0595 8548  hcw85cir - ok
12:47:16.0610 8548  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:47:16.0626 8548  HDAudBus - ok
12:47:16.0673 8548  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:47:16.0673 8548  HidBatt - ok
12:47:16.0688 8548  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:47:16.0704 8548  HidBth - ok
12:47:16.0720 8548  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:47:16.0720 8548  HidIr - ok
12:47:16.0766 8548  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
12:47:16.0766 8548  hidserv - ok
12:47:16.0798 8548  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:47:16.0798 8548  HidUsb - ok
12:47:16.0860 8548  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:47:16.0860 8548  hkmsvc - ok
12:47:16.0922 8548  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:47:16.0922 8548  HomeGroupListener - ok
12:47:16.0969 8548  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:47:16.0985 8548  HomeGroupProvider - ok
12:47:17.0094 8548  [ AA9EF0B395097F24D289F64445B2FD2E ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
12:47:17.0094 8548  HP Health Check Service - ok
12:47:17.0125 8548  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:47:17.0125 8548  HpSAMD - ok
12:47:17.0188 8548  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:47:17.0188 8548  HTTP - ok
12:47:17.0234 8548  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:47:17.0234 8548  hwpolicy - ok
12:47:17.0250 8548  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:47:17.0266 8548  i8042prt - ok
12:47:17.0312 8548  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:47:17.0328 8548  iaStorV - ok
12:47:17.0406 8548  [ CEDB27BACA286F063C3A11D44AF530AE ] IB Updater      C:\Program Files\IB Updater\ExtensionUpdaterService.exe
12:47:17.0515 8548  IB Updater - ok
12:47:17.0578 8548  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:47:17.0593 8548  idsvc - ok
12:47:17.0609 8548  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:47:17.0609 8548  iirsp - ok
12:47:17.0687 8548  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:47:17.0702 8548  IKEEXT - ok
12:47:17.0812 8548  [ 3914EA9111DBEFFAF1C68200817768AD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:47:17.0858 8548  IntcAzAudAddService - ok
12:47:17.0874 8548  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:47:17.0874 8548  intelide - ok
12:47:17.0905 8548  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:47:17.0905 8548  intelppm - ok
12:47:17.0952 8548  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:47:17.0952 8548  IPBusEnum - ok
12:47:18.0014 8548  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:47:18.0014 8548  IpFilterDriver - ok
12:47:18.0061 8548  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:47:18.0061 8548  iphlpsvc - ok
12:47:18.0077 8548  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:47:18.0077 8548  IPMIDRV - ok
12:47:18.0092 8548  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:47:18.0092 8548  IPNAT - ok
12:47:18.0170 8548  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:47:18.0186 8548  iPod Service - ok
12:47:18.0217 8548  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:47:18.0217 8548  IRENUM - ok
12:47:18.0248 8548  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:47:18.0248 8548  isapnp - ok
12:47:18.0264 8548  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:47:18.0264 8548  iScsiPrt - ok
12:47:18.0358 8548  [ 8DBC3F0205458DDA01964008B4A0F25D ] jswpsapi        C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
12:47:18.0638 8548  jswpsapi - ok
12:47:18.0685 8548  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:47:18.0685 8548  kbdclass - ok
12:47:18.0701 8548  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:47:18.0701 8548  kbdhid - ok
12:47:18.0716 8548  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
12:47:18.0716 8548  KeyIso - ok
12:47:18.0732 8548  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:47:18.0732 8548  KSecDD - ok
12:47:18.0763 8548  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:47:18.0763 8548  KSecPkg - ok
12:47:18.0810 8548  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:47:18.0810 8548  KtmRm - ok
12:47:18.0841 8548  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:47:18.0857 8548  LanmanServer - ok
12:47:18.0888 8548  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:47:18.0904 8548  LanmanWorkstation - ok
12:47:18.0966 8548  [ DFEFF67508D3A9AEB1A85D7B0F513B24 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:47:18.0966 8548  LightScribeService - ok
12:47:19.0075 8548  [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater  C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
12:47:19.0075 8548  LinksysUpdater - ok
12:47:19.0138 8548  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:47:19.0138 8548  lltdio - ok
12:47:19.0184 8548  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:47:19.0184 8548  lltdsvc - ok
12:47:19.0200 8548  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:47:19.0216 8548  lmhosts - ok
12:47:19.0278 8548  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:47:19.0278 8548  LSI_FC - ok
12:47:19.0294 8548  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:47:19.0294 8548  LSI_SAS - ok
12:47:19.0309 8548  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:47:19.0309 8548  LSI_SAS2 - ok
12:47:19.0325 8548  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:47:19.0340 8548  LSI_SCSI - ok
12:47:19.0356 8548  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
12:47:19.0356 8548  luafv - ok
12:47:19.0512 8548  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:47:19.0512 8548  MBAMProtector - ok
12:47:19.0574 8548  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:47:19.0574 8548  MBAMScheduler - ok
12:47:19.0606 8548  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:47:19.0621 8548  MBAMService - ok
12:47:19.0668 8548  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:47:19.0668 8548  Mcx2Svc - ok
12:47:19.0684 8548  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
12:47:19.0684 8548  mdmxsdk - ok
12:47:19.0699 8548  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:47:19.0699 8548  megasas - ok
12:47:19.0746 8548  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:47:19.0746 8548  MegaSR - ok
12:47:19.0793 8548  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
12:47:19.0793 8548  MMCSS - ok
12:47:19.0855 8548  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
12:47:19.0855 8548  Modem - ok
12:47:19.0871 8548  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:47:19.0871 8548  monitor - ok
12:47:19.0902 8548  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:47:19.0902 8548  mouclass - ok
12:47:19.0918 8548  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:47:19.0918 8548  mouhid - ok
12:47:19.0949 8548  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:47:19.0964 8548  mountmgr - ok
12:47:20.0027 8548  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
12:47:20.0027 8548  MpFilter - ok
12:47:20.0042 8548  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:47:20.0058 8548  mpio - ok
12:47:20.0276 8548  [ A69630D039C38018689190234F866D77 ] MpKsl94760727   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7524956A-4A60-4405-BC52-4401183510D9}\MpKsl94760727.sys
12:47:20.0276 8548  MpKsl94760727 - ok
12:47:20.0323 8548  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:47:20.0323 8548  mpsdrv - ok
12:47:20.0386 8548  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:47:20.0401 8548  MpsSvc - ok
12:47:20.0448 8548  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:47:20.0448 8548  MRxDAV - ok
12:47:20.0464 8548  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:47:20.0464 8548  mrxsmb - ok
12:47:20.0510 8548  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:47:20.0510 8548  mrxsmb10 - ok
12:47:20.0526 8548  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:47:20.0526 8548  mrxsmb20 - ok
12:47:20.0573 8548  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
12:47:20.0573 8548  msahci - ok
12:47:20.0604 8548  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:47:20.0604 8548  msdsm - ok
12:47:20.0620 8548  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
12:47:20.0620 8548  MSDTC - ok
12:47:20.0682 8548  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:47:20.0682 8548  Msfs - ok
12:47:20.0698 8548  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:47:20.0698 8548  mshidkmdf - ok
12:47:20.0713 8548  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:47:20.0713 8548  msisadrv - ok
12:47:20.0776 8548  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:47:20.0776 8548  MSiSCSI - ok
12:47:20.0791 8548  msiserver - ok
12:47:20.0822 8548  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:47:20.0822 8548  MSKSSRV - ok
12:47:20.0916 8548  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:47:20.0916 8548  MsMpSvc - ok
12:47:20.0932 8548  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:47:20.0947 8548  MSPCLOCK - ok
12:47:20.0978 8548  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:47:20.0978 8548  MSPQM - ok
12:47:20.0994 8548  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:47:20.0994 8548  MsRPC - ok
12:47:21.0025 8548  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:47:21.0025 8548  mssmbios - ok
12:47:21.0041 8548  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:47:21.0041 8548  MSTEE - ok
12:47:21.0088 8548  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:47:21.0088 8548  MTConfig - ok
12:47:21.0103 8548  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:47:21.0103 8548  Mup - ok
12:47:21.0150 8548  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
12:47:21.0150 8548  napagent - ok
12:47:21.0166 8548  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:47:21.0166 8548  NativeWifiP - ok
12:47:21.0212 8548  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:47:21.0228 8548  NDIS - ok
12:47:21.0244 8548  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:47:21.0244 8548  NdisCap - ok
12:47:21.0275 8548  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:47:21.0275 8548  NdisTapi - ok
12:47:21.0290 8548  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:47:21.0290 8548  Ndisuio - ok
12:47:21.0337 8548  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:47:21.0337 8548  NdisWan - ok
12:47:21.0384 8548  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:47:21.0400 8548  NDProxy - ok
12:47:21.0446 8548  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:47:21.0446 8548  NetBIOS - ok
12:47:21.0509 8548  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:47:21.0509 8548  NetBT - ok
12:47:21.0509 8548  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
12:47:21.0524 8548  Netlogon - ok
12:47:21.0587 8548  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
12:47:21.0587 8548  Netman - ok
12:47:21.0602 8548  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
12:47:21.0618 8548  netprofm - ok
12:47:21.0649 8548  [ 105A0947E6E01E5A6B76DAD87547CD89 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
12:47:21.0665 8548  netr28u - ok
12:47:21.0696 8548  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:47:21.0712 8548  NetTcpPortSharing - ok
12:47:21.0743 8548  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:47:21.0743 8548  nfrd960 - ok
12:47:21.0805 8548  [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:47:21.0805 8548  NisDrv - ok
12:47:21.0836 8548  [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
12:47:21.0852 8548  NisSrv - ok
12:47:21.0899 8548  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:47:21.0899 8548  NlaSvc - ok
12:47:21.0977 8548  [ CD2FE9C33CFD0FE0AF124E05907E5C3D ] nmservice       C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
12:47:21.0992 8548  nmservice - ok
12:47:22.0039 8548  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:47:22.0039 8548  Npfs - ok
12:47:22.0086 8548  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
12:47:22.0086 8548  nsi - ok
12:47:22.0102 8548  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:47:22.0102 8548  nsiproxy - ok
12:47:22.0180 8548  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:47:22.0195 8548  Ntfs - ok
12:47:22.0211 8548  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
12:47:22.0211 8548  Null - ok
12:47:22.0273 8548  [ B5E37E31C053BC9950455A257526514B ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x32.sys
12:47:22.0273 8548  NVENETFD - ok
12:47:22.0538 8548  [ B0881DDA5A8160422561FFAB7F0008B1 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:47:22.0757 8548  nvlddmkm - ok
12:47:22.0804 8548  [ 5BF9C11586F4764446407F509F1BECA8 ] NVNET           C:\Windows\system32\DRIVERS\nvmf6232.sys
12:47:22.0804 8548  NVNET - ok
12:47:22.0819 8548  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:47:22.0819 8548  nvraid - ok
12:47:22.0850 8548  [ 5DD1242CABC1EF8DCE4438D72D72A436 ] nvrd32          C:\Windows\system32\DRIVERS\nvrd32.sys
12:47:22.0850 8548  nvrd32 - ok
12:47:22.0882 8548  [ 62754E376185EACBB73D06FEA0FFC54A ] nvsmu           C:\Windows\system32\drivers\nvsmu.sys
12:47:22.0882 8548  nvsmu - ok
12:47:22.0897 8548  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:47:22.0913 8548  nvstor - ok
12:47:22.0928 8548  [ F73533D47857D819E082E42EA1300E50 ] nvstor32        C:\Windows\system32\DRIVERS\nvstor32.sys
12:47:22.0928 8548  nvstor32 - ok
12:47:22.0944 8548  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:47:22.0944 8548  nv_agp - ok
12:47:22.0960 8548  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:47:22.0975 8548  ohci1394 - ok
12:47:23.0022 8548  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:47:23.0022 8548  ose - ok
12:47:23.0084 8548  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:47:23.0084 8548  p2pimsvc - ok
12:47:23.0100 8548  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:47:23.0116 8548  p2psvc - ok
12:47:23.0131 8548  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:47:23.0131 8548  Parport - ok
12:47:23.0147 8548  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:47:23.0147 8548  partmgr - ok
12:47:23.0162 8548  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
12:47:23.0162 8548  Parvdm - ok
12:47:23.0194 8548  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:47:23.0194 8548  PcaSvc - ok
12:47:23.0287 8548  [ A88F42AD20418620D08A13AD1A70C083 ] PCDSRVC{4F253FFC-7957E8FC-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc.pkms
12:47:23.0287 8548  PCDSRVC{4F253FFC-7957E8FC-06000000}_0 - ok
12:47:23.0334 8548  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
12:47:23.0334 8548  pci - ok
12:47:23.0334 8548  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
12:47:23.0350 8548  pciide - ok
12:47:23.0396 8548  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:47:23.0396 8548  pcmcia - ok
12:47:23.0443 8548  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
12:47:23.0443 8548  pcw - ok
12:47:23.0474 8548  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:47:23.0490 8548  PEAUTH - ok
12:47:23.0568 8548  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
12:47:23.0615 8548  pla - ok
12:47:23.0646 8548  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:47:23.0662 8548  PlugPlay - ok
12:47:23.0677 8548  [ 63200893C9D5934A7504D20F68276CC7 ] pnarp           C:\Windows\system32\DRIVERS\pnarp.sys
12:47:23.0677 8548  pnarp - ok
12:47:23.0724 8548  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:47:23.0724 8548  PNRPAutoReg - ok
12:47:23.0755 8548  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:47:23.0755 8548  PNRPsvc - ok
12:47:23.0802 8548  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:47:23.0802 8548  PolicyAgent - ok
12:47:23.0864 8548  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
12:47:23.0880 8548  Power - ok
12:47:23.0927 8548  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:47:32.0491 8548  ================ Scan global ===============================
12:47:32.0538 8548  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
12:47:32.0569 8548  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
12:47:32.0585 8548  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
12:47:32.0632 8548  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
12:47:32.0647 8548  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
12:47:32.0647 8548  [Global] - ok
12:47:32.0647 8548  ================ Scan MBR ==================================
12:47:32.0663 8548  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:47:32.0663 8548  Suspicious mbr (Forged): \Device\Harddisk0\DR0
12:47:32.0694 8548  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
12:47:32.0694 8548  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
12:47:32.0725 8548  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:47:32.0725 8548  \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:47:32.0725 8548  ================ Scan VBR ==================================
12:47:32.0725 8548  [ EE6CC2B71C3E01CCE62F20E024F12689 ] \Device\Harddisk0\DR0\Partition1
12:47:32.0725 8548  \Device\Harddisk0\DR0\Partition1 - ok
12:47:32.0741 8548  [ 0B0DA37ADE752F88D2202D35A96D330D ] \Device\Harddisk0\DR0\Partition2
12:47:32.0741 8548  \Device\Harddisk0\DR0\Partition2 - ok
12:47:32.0741 8548  ============================================================
12:47:32.0741 8548  Scan finished
12:47:32.0741 8548  ============================================================
12:47:32.0756 8340  Detected object count: 2
12:47:32.0756 8340  Actual detected object count: 2
12:48:31.0852 8340  \Device\Harddisk0\DR0\# - copied to quarantine
12:48:31.0977 8340  \Device\Harddisk0\DR0 - copied to quarantine
12:48:33.0833 8340  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
12:48:33.0958 8340  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:48:34.0021 8340  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:48:34.0317 8340  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
12:48:34.0411 8340  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
12:48:34.0520 8340  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
12:48:34.0535 8340  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
12:48:34.0567 8340  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:48:34.0832 8340  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:48:34.0863 8340  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:48:34.0894 8340  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
12:48:34.0894 8340  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
12:48:34.0941 8340  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
12:48:34.0941 8340  \Device\Harddisk0\DR0 - ok
12:48:36.0033 8340  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
12:48:36.0033 8340  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:48:36.0033 8340  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:48:43.0630 8492  Deinitialize success
 



#9 nwbalddog


Posted 17 March 2013 - 11:19 PM

The log I posted the 1st time for TDSS was the wrong one.



Was "malware" MalwareBytes?....Yes



#10 nwbalddog


Posted 17 March 2013 - 11:39 PM

Avira Free Antivirus
Report file date: Sunday, March 17, 2013  21:37


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Avira Free Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Windows 7 Home Premium
Windows version : (Service Pack 1)  [6.1.7601]
Boot mode       : Normally booted
Username        : Amanda
Computer name   : AMANDA-PC

Version information:
BUILD.DAT       : 13.0.0.3185    47702 Bytes   1/30/2013 10:13:00
AVSCAN.EXE      : 13.6.0.584    640224 Bytes   3/18/2013 04:32:22
AVSCANRC.DLL    : 13.4.0.360     54560 Bytes   3/18/2013 04:32:22
LUKE.DLL        : 13.6.0.602     67808 Bytes   3/18/2013 04:33:08
AVSCPLR.DLL     : 13.6.0.628     94432 Bytes   3/18/2013 04:34:14
AVREG.DLL       : 13.6.0.600    250592 Bytes   3/18/2013 04:34:13
avlode.dll      : 13.6.2.624    434912 Bytes   3/18/2013 04:34:15
avlode.rdf      : 13.0.0.38      15231 Bytes   3/18/2013 04:34:14
VBASE000.VDF    : 7.10.0.0    19875328 Bytes   11/6/2009 04:28:10
VBASE001.VDF    : 7.11.0.0    13342208 Bytes  12/14/2010 04:28:51
VBASE002.VDF    : 7.11.19.170 14374912 Bytes  12/20/2011 04:29:35
VBASE003.VDF    : 7.11.21.238  4472832 Bytes    2/1/2012 04:29:48
VBASE004.VDF    : 7.11.26.44   4329472 Bytes   3/28/2012 04:30:01
VBASE005.VDF    : 7.11.34.116  4034048 Bytes   6/29/2012 04:30:13
VBASE006.VDF    : 7.11.41.250  4902400 Bytes    9/6/2012 04:30:28
VBASE007.VDF    : 7.11.50.230  3904512 Bytes  11/22/2012 04:30:40
VBASE008.VDF    : 7.11.60.10   6627328 Bytes    2/7/2013 04:30:59
VBASE009.VDF    : 7.11.60.11      2048 Bytes    2/7/2013 04:30:59
VBASE010.VDF    : 7.11.60.12      2048 Bytes    2/7/2013 04:30:59
VBASE011.VDF    : 7.11.60.13      2048 Bytes    2/7/2013 04:30:59
VBASE012.VDF    : 7.11.60.14      2048 Bytes    2/7/2013 04:31:00
VBASE013.VDF    : 7.11.60.62    351232 Bytes    2/8/2013 04:31:01
VBASE014.VDF    : 7.11.60.115   190976 Bytes    2/9/2013 04:31:01
VBASE015.VDF    : 7.11.60.177   282624 Bytes   2/11/2013 04:31:02
VBASE016.VDF    : 7.11.60.249   215552 Bytes   2/13/2013 04:31:03
VBASE017.VDF    : 7.11.61.65    151040 Bytes   2/15/2013 04:31:04
VBASE018.VDF    : 7.11.61.135   159232 Bytes   2/18/2013 04:31:04
VBASE019.VDF    : 7.11.61.163   152064 Bytes   2/18/2013 04:31:05
VBASE020.VDF    : 7.11.61.207   164352 Bytes   2/19/2013 04:31:05
VBASE021.VDF    : 7.11.62.43    206336 Bytes   2/21/2013 04:31:06
VBASE022.VDF    : 7.11.64.106  1510912 Bytes   3/11/2013 04:31:11
VBASE023.VDF    : 7.11.64.157   137216 Bytes   3/12/2013 04:31:11
VBASE024.VDF    : 7.11.64.233   159744 Bytes   3/14/2013 04:31:12
VBASE025.VDF    : 7.11.65.19    143360 Bytes   3/15/2013 04:31:12
VBASE026.VDF    : 7.11.65.63    150528 Bytes   3/17/2013 04:31:13
VBASE027.VDF    : 7.11.65.64      2048 Bytes   3/17/2013 04:31:13
VBASE028.VDF    : 7.11.65.65      2048 Bytes   3/17/2013 04:31:13
VBASE029.VDF    : 7.11.65.66      2048 Bytes   3/17/2013 04:31:13
VBASE030.VDF    : 7.11.65.67      2048 Bytes   3/17/2013 04:31:13
VBASE031.VDF    : 7.11.65.70     13312 Bytes   3/17/2013 04:31:14
Engine version  : 8.2.12.16
AEVDF.DLL       : 8.1.2.10      102772 Bytes   3/18/2013 04:31:29
AESCRIPT.DLL    : 8.1.4.98      475516 Bytes   3/18/2013 04:31:29
AESCN.DLL       : 8.1.10.0      131445 Bytes   3/18/2013 04:31:28
AESBX.DLL       : 8.2.5.12      606578 Bytes   3/18/2013 04:31:30
AERDL.DLL       : 8.2.0.88      643444 Bytes   3/18/2013 04:31:28
AEPACK.DLL      : 8.3.2.2       827767 Bytes   3/18/2013 04:31:26
AEOFFICE.DLL    : 8.1.2.56      205180 Bytes   3/18/2013 04:31:25
AEHEUR.DLL      : 8.1.4.248    5804409 Bytes   3/18/2013 04:31:25
AEHELP.DLL      : 8.1.25.2      258423 Bytes   3/18/2013 04:31:17
AEGEN.DLL       : 8.1.6.16      434549 Bytes   3/18/2013 04:31:17
AEEXP.DLL       : 8.4.0.12      192886 Bytes   3/18/2013 04:31:30
AEEMU.DLL       : 8.1.3.2       393587 Bytes   3/18/2013 04:31:16
AECORE.DLL      : 8.1.31.2      201080 Bytes   3/18/2013 04:31:15
AEBB.DLL        : 8.1.1.4        53619 Bytes   3/18/2013 04:31:15
AVWINLL.DLL     : 13.6.0.480     26480 Bytes   3/18/2013 04:27:04
AVPREF.DLL      : 13.6.0.480     51056 Bytes   3/18/2013 04:32:20
AVREP.DLL       : 13.6.0.480    178544 Bytes   3/18/2013 04:34:14
AVARKT.DLL      : 13.6.0.624    260832 Bytes   3/18/2013 04:32:08
AVEVTLOG.DLL    : 13.6.0.600    167648 Bytes   3/18/2013 04:32:14
SQLITE3.DLL     : 3.7.0.1       397704 Bytes   3/18/2013 04:33:39
AVSMTP.DLL      : 13.6.0.480     62832 Bytes   3/18/2013 04:32:25
NETNT.DLL       : 13.6.0.480     16240 Bytes   3/18/2013 04:33:21
RCIMAGE.DLL     : 13.4.0.360   4782880 Bytes   3/18/2013 04:27:06
RCTEXT.DLL      : 13.6.0.480     66928 Bytes   3/18/2013 04:27:07

Configuration settings for the scan:
Jobname.............................: Quick system scan
Configuration file..................: c:\program files\avira\antivir desktop\quicksysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: Sunday, March 17, 2013  21:37

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!

Start scanning boot sectors:

The scan of running processes will be started:
Scan process 'svchost.exe' - '9' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '39' Module(s) have been scanned
Scan process 'avscan.exe' - '100' Module(s) have been scanned
Scan process 'avcenter.exe' - '64' Module(s) have been scanned
Scan process 'iexplore.exe' - '124' Module(s) have been scanned
Scan process 'avconfig.exe' - '73' Module(s) have been scanned
Scan process 'avgnt.exe' - '78' Module(s) have been scanned
Scan process 'sched.exe' - '40' Module(s) have been scanned
Scan process 'avshadow.exe' - '22' Module(s) have been scanned
Scan process 'avguard.exe' - '83' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '28' Module(s) have been scanned
Scan process 'setup.exe' - '99' Module(s) have been scanned
Scan process 'presetup.exe' - '48' Module(s) have been scanned
Scan process 'hphc_service.exe' - '31' Module(s) have been scanned
Scan process 'avwebloader.exe' - '82' Module(s) have been scanned
Scan process 'avira_free_antivirus.exe' - '39' Module(s) have been scanned
Scan process 'iexplore.exe' - '133' Module(s) have been scanned
Scan process 'FlashUtil32_11_6_602_180_ActiveX.exe' - '57' Module(s) have been scanned
Scan process 'GoogleToolbarUser_32.exe' - '79' Module(s) have been scanned
Scan process 'iexplore.exe' - '135' Module(s) have been scanned
Scan process 'iexplore.exe' - '155' Module(s) have been scanned
Scan process 'TrustedInstaller.exe' - '47' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '114' Module(s) have been scanned
Scan process 'NisSrv.exe' - '42' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '59' Module(s) have been scanned
Scan process 'iPodService.exe' - '33' Module(s) have been scanned
Scan process 'DVDAgent.exe' - '58' Module(s) have been scanned
Scan process 'sidebar.exe' - '100' Module(s) have been scanned
Scan process 'jusched.exe' - '24' Module(s) have been scanned
Scan process 'msseces.exe' - '50' Module(s) have been scanned
Scan process 'avgtray.exe' - '45' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '73' Module(s) have been scanned
Scan process 'vprot.exe' - '62' Module(s) have been scanned
Scan process 'SendoriTray.exe' - '38' Module(s) have been scanned
Scan process 'realsched.exe' - '39' Module(s) have been scanned
Scan process 'nmctxth.exe' - '62' Module(s) have been scanned
Scan process 'LinksysWirelessManager.exe' - '57' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '13' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '18' Module(s) have been scanned
Scan process 'bcmwltry.exe' - '58' Module(s) have been scanned
Scan process 'taskhost.exe' - '55' Module(s) have been scanned
Scan process 'Explorer.EXE' - '181' Module(s) have been scanned
Scan process 'Dwm.exe' - '42' Module(s) have been scanned
Scan process 'mbamgui.exe' - '34' Module(s) have been scanned
Scan process 'SendoriUp.exe' - '53' Module(s) have been scanned
Scan process 'unsecapp.exe' - '27' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '61' Module(s) have been scanned
Scan process 'nmsrvc.exe' - '100' Module(s) have been scanned
Scan process 'SendoriSvc.exe' - '58' Module(s) have been scanned
Scan process 'Sendori.Service.exe' - '97' Module(s) have been scanned
Scan process 'xaudio.exe' - '17' Module(s) have been scanned
Scan process 'ToolbarUpdater.exe' - '28' Module(s) have been scanned
Scan process 'conhost.exe' - '14' Module(s) have been scanned
Scan process 'ToolbarUpdaterService.exe' - '33' Module(s) have been scanned
Scan process 'java.exe' - '58' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'sndappv2.exe' - '39' Module(s) have been scanned
Scan process 'mbamservice.exe' - '41' Module(s) have been scanned
Scan process 'mbamscheduler.exe' - '32' Module(s) have been scanned
Scan process 'LinksysUpdater.exe' - '50' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '74' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '39' Module(s) have been scanned
Scan process 'avgwdsvc.exe' - '61' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '66' Module(s) have been scanned
Scan process 'agrsmsvc.exe' - '15' Module(s) have been scanned
Scan process 'armsvc.exe' - '23' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '26' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'spoolsv.exe' - '95' Module(s) have been scanned
Scan process 'svchost.exe' - '91' Module(s) have been scanned
Scan process 'svchost.exe' - '84' Module(s) have been scanned
Scan process 'svchost.exe' - '171' Module(s) have been scanned
Scan process 'svchost.exe' - '102' Module(s) have been scanned
Scan process 'svchost.exe' - '83' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '61' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'lsass.exe' - '63' Module(s) have been scanned
Scan process 'services.exe' - '40' Module(s) have been scanned
Scan process 'winlogon.exe' - '32' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting to scan executable files (registry):
The registry was scanned ( '2153' files ).

 

End of the scan: Sunday, March 17, 2013  21:38
Used time: 00:57 Minute(s)

The scan has been done completely.

      0 Scanned directories
   2970 Files were scanned
      0 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
   2970 Files not concerned
     19 Archives were scanned
      0 Warnings
      0 Notes



#11 nwbalddog


Posted 17 March 2013 - 11:48 PM

Thanks. I assume I should remove one or more of AVG, Microsoft Essentials, etc., and if so, what is the cleanest way to remove them? Uninstall has been unsuccessful for some. Which one should I retain?



#12 boopme


Posted 18 March 2013 - 11:01 AM

OK, yes, that's the log I needed. We got most of it.

 

Rerun TDSS and change the option on these to either Cure or Delete:

12:48:36.0033 8340  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:48:36.0033 8340  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

 

 

We did remove with this step...

Please uninstall Java™ 6 Update 30 (Version: 6.0.300), AVG and TrendMicro through Control Panel, Programs, Uninstall.

Reboot

 

You now have Avira. If you want MSE, then uninstall Avira and keep MSE.

 

How is it running now?


Edited by boopme, 18 March 2013 - 11:03 AM.




