Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Yahoo Email virus??? What to do


  • Please log in to reply
17 replies to this topic

#1 Theresa R

Theresa R

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 22 March 2013 - 02:46 PM

Received an email from my parents yahoo email.  It contained a link.  I clicked on the link which took me to an advertisement page.   

 

Contacted my parents and they confirmed that their yahoo email account was hijacked.  I found instructions on how to view recent sign on activity.  My question is:  If I do not have a yahoo email account (I currently run Outlook with an old AOL email account and a gmail account attached) and am running Norton Intenet Security - did I get a virus anyway?  I ran a Norton full scan and it did not find anything. Thanks for your help     

 

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:49 PM

Posted 22 March 2013 - 07:54 PM

Welcome Theresa

 

This line.. I clicked on the link which took me to an advertisement page.   Indicates to me you open the malware executable as it redirected you to some where else, a browser hijack..

 

Lets run these...

 

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
 
Do not change the default options on scan results.

 

 

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

 

>>>>>

 

Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Theresa R

Theresa R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 23 March 2013 - 08:43 AM

Toolkit results

MiniToolBox by Farbar  Version:05-03-2013
Ran by Theresa (administrator) on 23-03-2013 at 09:38:53
Running from "C:\Users\Theresa\Downloads"
Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Linksys AE2500 = Wireless Network Connection (Connected)
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Theresa-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Linksys AE2500
   Physical Address. . . . . . . . . : 58-6D-8F-EE-15-23
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6121:cb2:7758:f5f%17(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, March 13, 2013 3:25:03 AM
   Lease Expires . . . . . . . . . . : Sunday, March 24, 2013 3:25:02 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 374893967
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6F-36-70-00-19-B9-34-16-07
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       71.250.0.12
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
   Physical Address. . . . . . . . . : 00-19-B9-34-16-07
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:38ab:231e:9f0d:a8c6(Preferred)
   Link-local IPv6 Address . . . . . : fe80::38ab:231e:9f0d:a8c6%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4006:800::1003
   173.194.43.32
   173.194.43.36
   173.194.43.35
   173.194.43.38
   173.194.43.37
   173.194.43.39
   173.194.43.40
   173.194.43.41
   173.194.43.34
   173.194.43.46
   173.194.43.33


Pinging google.com [173.194.43.0] with 32 bytes of data:
Reply from 173.194.43.0: bytes=32 time=9ms TTL=251
Reply from 173.194.43.0: bytes=32 time=10ms TTL=251

Ping statistics for 173.194.43.0:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 10ms, Average = 9ms
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24
   98.138.253.109
   206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=579ms TTL=50
Reply from 98.138.253.109: bytes=32 time=799ms TTL=249

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 579ms, Maximum = 799ms, Average = 689ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...58 6d 8f ee 15 23 ......Linksys AE2500
 10...00 19 b9 34 16 07 ......Broadcom NetXtreme 57xx Gigabit Controller
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.10     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.10    281
     192.168.1.10  255.255.255.255         On-link      192.168.1.10    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.10    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.10    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.10    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:6ab8:38ab:231e:9f0d:a8c6/128
                                    On-link
 17    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::38ab:231e:9f0d:a8c6/128
                                    On-link
 17    281 fe80::6121:cb2:7758:f5f/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 17    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/22/2013 07:11:43 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/22/2013 00:50:14 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/21/2013 05:41:14 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/20/2013 10:50:32 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/19/2013 03:36:52 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/18/2013 08:09:25 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/18/2013 01:43:35 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/17/2013 06:30:16 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/16/2013 11:55:20 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/20/2013 10:51:12 AM) (Source: DCOM) (User: Theresa-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Theresa-PCTheresaS-1-5-21-934021220-3246597124-4072488087-1001LocalHost (Using LRPC)

Error: (03/20/2013 10:49:55 AM) (Source: DCOM) (User: Theresa-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Theresa-PCTheresaS-1-5-21-934021220-3246597124-4072488087-1001LocalHost (Using LRPC)

Error: (03/20/2013 10:42:54 AM) (Source: DCOM) (User: Theresa-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Theresa-PCTheresaS-1-5-21-934021220-3246597124-4072488087-1001LocalHost (Using LRPC)

Error: (03/20/2013 10:41:47 AM) (Source: DCOM) (User: Theresa-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Theresa-PCTheresaS-1-5-21-934021220-3246597124-4072488087-1001LocalHost (Using LRPC)

Error: (03/18/2013 11:06:11 AM) (Source: DCOM) (User: Theresa-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Theresa-PCTheresaS-1-5-21-934021220-3246597124-4072488087-1001LocalHost (Using LRPC)

Error: (03/18/2013 11:05:21 AM) (Source: DCOM) (User: Theresa-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Theresa-PCTheresaS-1-5-21-934021220-3246597124-4072488087-1001LocalHost (Using LRPC)

Error: (03/18/2013 09:25:54 AM) (Source: DCOM) (User: Theresa-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Theresa-PCTheresaS-1-5-21-934021220-3246597124-4072488087-1001LocalHost (Using LRPC)

Error: (03/18/2013 09:24:30 AM) (Source: DCOM) (User: Theresa-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Theresa-PCTheresaS-1-5-21-934021220-3246597124-4072488087-1001LocalHost (Using LRPC)

Error: (03/18/2013 09:23:45 AM) (Source: DCOM) (User: Theresa-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Theresa-PCTheresaS-1-5-21-934021220-3246597124-4072488087-1001LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (03/22/2013 07:11:43 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/22/2013 00:50:14 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/21/2013 05:41:14 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/20/2013 10:50:32 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/19/2013 03:36:52 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/18/2013 08:09:25 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/18/2013 01:43:35 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/17/2013 06:30:16 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/16/2013 11:55:20 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/15/2013 04:06:27 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005



#4 Theresa R

Theresa R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 23 March 2013 - 08:45 AM

09:31:16.0493 34228  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:31:16.0961 34228  ============================================================
09:31:16.0961 34228  Current date / time: 2013/03/23 09:31:16.0961
09:31:16.0961 34228  SystemInfo:
09:31:16.0961 34228 
09:31:16.0961 34228  OS Version: 6.1.7601 ServicePack: 1.0
09:31:16.0961 34228  Product type: Workstation
09:31:16.0961 34228  ComputerName: THERESA-PC
09:31:16.0961 34228  UserName: Theresa
09:31:16.0961 34228  Windows directory: C:\Windows
09:31:16.0961 34228  System windows directory: C:\Windows
09:31:16.0961 34228  Processor architecture: Intel x86
09:31:16.0961 34228  Number of processors: 2
09:31:16.0961 34228  Page size: 0x1000
09:31:16.0961 34228  Boot type: Normal boot
09:31:16.0961 34228  ============================================================
09:31:18.0443 34228  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:31:18.0443 34228  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:31:18.0723 34228  ============================================================
09:31:18.0723 34228  \Device\Harddisk0\DR0:
09:31:18.0723 34228  MBR partitions:
09:31:18.0723 34228  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:31:18.0723 34228  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D176000
09:31:18.0723 34228  \Device\Harddisk1\DR1:
09:31:18.0755 34228  MBR partitions:
09:31:18.0755 34228  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A380D41
09:31:18.0755 34228  ============================================================
09:31:18.0786 34228  C: <-> \Device\Harddisk0\DR0\Partition2
09:31:18.0786 34228  G: <-> \Device\Harddisk1\DR1\Partition1
09:31:18.0786 34228  ============================================================
09:31:18.0786 34228  Initialize success
09:31:18.0786 34228  ============================================================
09:31:36.0181 7804  ============================================================
09:31:36.0181 7804  Scan started
09:31:36.0181 7804  Mode: Manual;
09:31:36.0181 7804  ============================================================
09:31:38.0240 7804  ================ Scan system memory ========================
09:31:38.0240 7804  System memory - ok
09:31:38.0256 7804  ================ Scan services =============================
09:31:38.0381 7804  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:31:38.0381 7804  1394ohci - ok
09:31:38.0427 7804  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:31:38.0427 7804  ACPI - ok
09:31:38.0474 7804  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:31:38.0474 7804  AcpiPmi - ok
09:31:38.0599 7804  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:31:38.0599 7804  AdobeARMservice - ok
09:31:38.0693 7804  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:31:38.0708 7804  AdobeFlashPlayerUpdateSvc - ok
09:31:38.0739 7804  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
09:31:38.0755 7804  adp94xx - ok
09:31:38.0755 7804  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
09:31:38.0755 7804  adpahci - ok
09:31:38.0771 7804  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
09:31:38.0771 7804  adpu320 - ok
09:31:38.0802 7804  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:31:38.0802 7804  AeLookupSvc - ok
09:31:38.0849 7804  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
09:31:38.0849 7804  AFD - ok
09:31:38.0895 7804  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
09:31:38.0895 7804  agp440 - ok
09:31:38.0927 7804  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
09:31:38.0927 7804  aic78xx - ok
09:31:38.0958 7804  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
09:31:38.0958 7804  ALG - ok
09:31:38.0973 7804  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:31:38.0973 7804  aliide - ok
09:31:38.0973 7804  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
09:31:38.0973 7804  amdagp - ok
09:31:38.0989 7804  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:31:39.0005 7804  amdide - ok
09:31:39.0020 7804  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
09:31:39.0020 7804  AmdK8 - ok
09:31:39.0036 7804  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
09:31:39.0036 7804  AmdPPM - ok
09:31:39.0067 7804  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:31:39.0067 7804  amdsata - ok
09:31:39.0083 7804  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
09:31:39.0083 7804  amdsbs - ok
09:31:39.0098 7804  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:31:39.0098 7804  amdxata - ok
09:31:39.0207 7804  [ 85180CF88C5EBAD73B452A43A004CA51 ] AOL ACS         C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
09:31:39.0207 7804  AOL ACS - ok
09:31:39.0239 7804  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
09:31:39.0239 7804  AppID - ok
09:31:39.0270 7804  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:31:39.0270 7804  AppIDSvc - ok
09:31:39.0301 7804  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
09:31:39.0301 7804  Appinfo - ok
09:31:39.0379 7804  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:31:39.0379 7804  Apple Mobile Device - ok
09:31:39.0426 7804  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
09:31:39.0426 7804  AppMgmt - ok
09:31:39.0457 7804  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
09:31:39.0457 7804  arc - ok
09:31:39.0473 7804  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
09:31:39.0473 7804  arcsas - ok
09:31:39.0597 7804  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
09:31:39.0613 7804  aspnet_state - ok
09:31:39.0644 7804  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:31:39.0644 7804  AsyncMac - ok
09:31:39.0675 7804  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
09:31:39.0675 7804  atapi - ok
09:31:39.0816 7804  [ 712D8A95E45B070114C5309ADA7358FF ] atikmdag        C:\Windows\system32\drivers\atikmdag.sys
09:31:39.0863 7804  atikmdag - ok
09:31:39.0925 7804  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:31:39.0925 7804  AudioEndpointBuilder - ok
09:31:39.0941 7804  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
09:31:39.0941 7804  Audiosrv - ok
09:31:39.0972 7804  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:31:39.0972 7804  AxInstSV - ok
09:31:40.0003 7804  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
09:31:40.0019 7804  b06bdrv - ok
09:31:40.0050 7804  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
09:31:40.0050 7804  b57nd60x - ok
09:31:40.0065 7804  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:31:40.0081 7804  BDESVC - ok
09:31:40.0081 7804  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:31:40.0097 7804  Beep - ok
09:31:40.0128 7804  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
09:31:40.0128 7804  BFE - ok
09:31:40.0362 7804  [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130301.001\BHDrvx86.sys
09:31:40.0362 7804  BHDrvx86 - ok
09:31:40.0409 7804  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
09:31:40.0424 7804  BITS - ok
09:31:40.0440 7804  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:31:40.0440 7804  blbdrive - ok
09:31:40.0518 7804  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:31:40.0533 7804  Bonjour Service - ok
09:31:40.0580 7804  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:31:40.0580 7804  bowser - ok
09:31:40.0596 7804  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:31:40.0596 7804  BrFiltLo - ok
09:31:40.0611 7804  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:31:40.0611 7804  BrFiltUp - ok
09:31:40.0643 7804  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
09:31:40.0643 7804  Browser - ok
09:31:40.0658 7804  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:31:40.0674 7804  Brserid - ok
09:31:40.0689 7804  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:31:40.0689 7804  BrSerWdm - ok
09:31:40.0705 7804  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:31:40.0705 7804  BrUsbMdm - ok
09:31:40.0721 7804  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:31:40.0721 7804  BrUsbSer - ok
09:31:40.0736 7804  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
09:31:40.0736 7804  BTHMODEM - ok
09:31:40.0767 7804  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
09:31:40.0767 7804  bthserv - ok
09:31:40.0861 7804  [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_NIS       C:\Windows\system32\drivers\NIS\1403000.024\ccSetx86.sys
09:31:40.0861 7804  ccSet_NIS - ok
09:31:40.0892 7804  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:31:40.0892 7804  cdfs - ok
09:31:40.0939 7804  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
09:31:40.0955 7804  cdrom - ok
09:31:41.0001 7804  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
09:31:41.0001 7804  CertPropSvc - ok
09:31:41.0017 7804  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
09:31:41.0017 7804  circlass - ok
09:31:41.0048 7804  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
09:31:41.0048 7804  CLFS - ok
09:31:41.0095 7804  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:31:41.0095 7804  clr_optimization_v2.0.50727_32 - ok
09:31:41.0142 7804  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:31:41.0173 7804  clr_optimization_v4.0.30319_32 - ok
09:31:41.0189 7804  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:31:41.0189 7804  CmBatt - ok
09:31:41.0220 7804  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:31:41.0220 7804  cmdide - ok
09:31:41.0251 7804  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
09:31:41.0267 7804  CNG - ok
09:31:41.0282 7804  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:31:41.0282 7804  Compbatt - ok
09:31:41.0329 7804  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:31:41.0329 7804  CompositeBus - ok
09:31:41.0345 7804  COMSysApp - ok
09:31:41.0360 7804  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
09:31:41.0360 7804  crcdisk - ok
09:31:41.0423 7804  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:31:41.0423 7804  CryptSvc - ok
09:31:41.0454 7804  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
09:31:41.0469 7804  CSC - ok
09:31:41.0516 7804  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
09:31:41.0516 7804  CscService - ok
09:31:41.0594 7804  [ 7CAAF4AF453EF3582FEF65DD72CAA0AA ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
09:31:41.0594 7804  dc3d - ok
09:31:41.0610 7804  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:31:41.0610 7804  DcomLaunch - ok
09:31:41.0641 7804  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:31:41.0641 7804  defragsvc - ok
09:31:41.0688 7804  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:31:41.0688 7804  DfsC - ok
09:31:41.0719 7804  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:31:41.0719 7804  Dhcp - ok
09:31:41.0735 7804  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
09:31:41.0735 7804  discache - ok
09:31:41.0766 7804  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
09:31:41.0766 7804  Disk - ok
09:31:41.0797 7804  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:31:41.0797 7804  Dnscache - ok
09:31:41.0844 7804  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:31:41.0844 7804  dot3svc - ok
09:31:41.0875 7804  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
09:31:41.0891 7804  DPS - ok
09:31:41.0906 7804  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:31:41.0906 7804  drmkaud - ok
09:31:41.0953 7804  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:31:41.0969 7804  DXGKrnl - ok
09:31:41.0984 7804  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
09:31:41.0984 7804  EapHost - ok
09:31:42.0078 7804  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
09:31:42.0125 7804  ebdrv - ok
09:31:42.0203 7804  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
09:31:42.0203 7804  eeCtrl - ok
09:31:42.0234 7804  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
09:31:42.0249 7804  EFS - ok
09:31:42.0312 7804  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:31:42.0312 7804  ehRecvr - ok
09:31:42.0343 7804  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
09:31:42.0343 7804  ehSched - ok
09:31:42.0374 7804  [ 44996A2ADDD2DB7454F2CA40B67D8941 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
09:31:42.0374 7804  ElbyCDIO - ok
09:31:42.0421 7804  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
09:31:42.0421 7804  elxstor - ok
09:31:42.0483 7804  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:31:42.0483 7804  EraserUtilRebootDrv - ok
09:31:42.0515 7804  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:31:42.0515 7804  ErrDev - ok
09:31:42.0561 7804  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
09:31:42.0561 7804  EventSystem - ok
09:31:42.0593 7804  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
09:31:42.0593 7804  exfat - ok
09:31:42.0608 7804  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:31:42.0608 7804  fastfat - ok
09:31:42.0671 7804  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
09:31:42.0671 7804  Fax - ok
09:31:42.0686 7804  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:31:42.0686 7804  fdc - ok
09:31:42.0717 7804  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
09:31:42.0717 7804  fdPHost - ok
09:31:42.0717 7804  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
09:31:42.0717 7804  FDResPub - ok
09:31:42.0733 7804  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:31:42.0733 7804  FileInfo - ok
09:31:42.0749 7804  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:31:42.0749 7804  Filetrace - ok
09:31:42.0764 7804  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:31:42.0764 7804  flpydisk - ok
09:31:42.0795 7804  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:31:42.0795 7804  FltMgr - ok
09:31:42.0858 7804  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
09:31:42.0873 7804  FontCache - ok
09:31:42.0920 7804  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:31:42.0920 7804  FontCache3.0.0.0 - ok
09:31:42.0936 7804  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:31:42.0936 7804  FsDepends - ok
09:31:42.0951 7804  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:31:42.0951 7804  Fs_Rec - ok
09:31:42.0998 7804  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:31:43.0014 7804  fvevol - ok
09:31:43.0029 7804  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
09:31:43.0029 7804  gagp30kx - ok
09:31:43.0076 7804  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:31:43.0076 7804  GEARAspiWDM - ok
09:31:43.0123 7804  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:31:43.0139 7804  gpsvc - ok
09:31:43.0170 7804  [ 6003BC70F1A8307262BD3C941BDA0B7E ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
09:31:43.0170 7804  grmnusb - ok
09:31:43.0263 7804  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:31:43.0263 7804  gupdate - ok
09:31:43.0263 7804  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:31:43.0263 7804  gupdatem - ok
09:31:43.0310 7804  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:31:43.0310 7804  gusvc - ok
09:31:43.0326 7804  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:31:43.0326 7804  hcw85cir - ok
09:31:43.0373 7804  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:31:43.0388 7804  HdAudAddService - ok
09:31:43.0419 7804  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:31:43.0419 7804  HDAudBus - ok
09:31:43.0451 7804  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
09:31:43.0451 7804  HidBatt - ok
09:31:43.0466 7804  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
09:31:43.0466 7804  HidBth - ok
09:31:43.0482 7804  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
09:31:43.0482 7804  HidIr - ok
09:31:43.0513 7804  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
09:31:43.0513 7804  hidserv - ok
09:31:43.0560 7804  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:31:43.0560 7804  HidUsb - ok
09:31:43.0591 7804  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:31:43.0591 7804  hkmsvc - ok
09:31:43.0622 7804  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:31:43.0638 7804  HomeGroupListener - ok
09:31:43.0669 7804  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:31:43.0669 7804  HomeGroupProvider - ok
09:31:43.0700 7804  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:31:43.0716 7804  HpSAMD - ok
09:31:43.0763 7804  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:31:43.0778 7804  HTTP - ok
09:31:43.0809 7804  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:31:43.0809 7804  hwpolicy - ok
09:31:43.0856 7804  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:31:43.0856 7804  i8042prt - ok
09:31:43.0872 7804  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:31:43.0887 7804  iaStorV - ok
09:31:43.0934 7804  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:31:43.0950 7804  idsvc - ok
09:31:44.0059 7804  [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130322.001\IDSvix86.sys
09:31:44.0075 7804  IDSVix86 - ok
09:31:44.0106 7804  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
09:31:44.0106 7804  iirsp - ok
09:31:44.0168 7804  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:31:44.0168 7804  IKEEXT - ok
09:31:44.0215 7804  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:31:44.0215 7804  intelide - ok
09:31:44.0231 7804  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:31:44.0231 7804  intelppm - ok
09:31:44.0309 7804  [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
09:31:44.0309 7804  IntuitUpdateService - ok
09:31:44.0387 7804  [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
09:31:44.0387 7804  IntuitUpdateServiceV4 - ok
09:31:44.0418 7804  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:31:44.0418 7804  IPBusEnum - ok
09:31:44.0433 7804  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:31:44.0433 7804  IpFilterDriver - ok
09:31:44.0480 7804  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:31:44.0496 7804  iphlpsvc - ok
09:31:44.0527 7804  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:31:44.0527 7804  IPMIDRV - ok
09:31:44.0543 7804  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:31:44.0543 7804  IPNAT - ok
09:31:44.0589 7804  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:31:44.0605 7804  iPod Service - ok
09:31:44.0636 7804  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:31:44.0636 7804  IRENUM - ok
09:31:44.0636 7804  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:31:44.0652 7804  isapnp - ok
09:31:44.0667 7804  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:31:44.0667 7804  iScsiPrt - ok
09:31:44.0683 7804  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:31:44.0683 7804  kbdclass - ok
09:31:44.0730 7804  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:31:44.0730 7804  kbdhid - ok
09:31:44.0745 7804  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
09:31:44.0745 7804  KeyIso - ok
09:31:44.0777 7804  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:31:44.0777 7804  KSecDD - ok
09:31:44.0823 7804  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:31:44.0823 7804  KSecPkg - ok
09:31:44.0855 7804  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:31:44.0855 7804  KtmRm - ok
09:31:44.0901 7804  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:31:44.0917 7804  LanmanServer - ok
09:31:44.0948 7804  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:31:44.0948 7804  LanmanWorkstation - ok
09:31:45.0011 7804  [ A6E0D6305D1125AEAFD279AE60FEB07B ] Linksys_adapter_H C:\Windows\system32\DRIVERS\AE2500w7.sys
09:31:45.0026 7804  Linksys_adapter_H - ok
09:31:45.0073 7804  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:31:45.0073 7804  lltdio - ok
09:31:45.0104 7804  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:31:45.0104 7804  lltdsvc - ok
09:31:45.0120 7804  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:31:45.0120 7804  lmhosts - ok
09:31:45.0151 7804  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:31:45.0151 7804  LSI_FC - ok
09:31:45.0167 7804  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:31:45.0167 7804  LSI_SAS - ok
09:31:45.0182 7804  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:31:45.0182 7804  LSI_SAS2 - ok
09:31:45.0198 7804  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:31:45.0198 7804  LSI_SCSI - ok
09:31:45.0213 7804  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
09:31:45.0213 7804  luafv - ok
09:31:45.0260 7804  [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
09:31:45.0260 7804  LVRS - ok
09:31:45.0416 7804  [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
09:31:45.0463 7804  LVUVC - ok
09:31:45.0557 7804  [ 1F37F74E1F719B0D75F0398F1F397F66 ] lxedCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxedserv.exe
09:31:45.0557 7804  lxedCATSCustConnectService - ok
09:31:45.0557 7804  lxed_device - ok
09:31:45.0588 7804  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:31:45.0603 7804  Mcx2Svc - ok
09:31:45.0650 7804  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
09:31:45.0650 7804  MDM - ok
09:31:45.0666 7804  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:31:45.0666 7804  megasas - ok
09:31:45.0713 7804  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:31:45.0713 7804  MegaSR - ok
09:31:45.0806 7804  [ D184AA8D7A1B3AA94508BA6C0BCC3BD6 ] MemeoBackgroundService C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
09:31:45.0806 7804  MemeoBackgroundService - ok
09:31:45.0837 7804  Microsoft SharePoint Workspace Audit Service - ok
09:31:45.0869 7804  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
09:31:45.0869 7804  MMCSS - ok
09:31:45.0884 7804  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
09:31:45.0884 7804  Modem - ok
09:31:45.0915 7804  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:31:45.0915 7804  monitor - ok
09:31:45.0931 7804  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:31:45.0931 7804  mouclass - ok
09:31:45.0962 7804  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:31:45.0962 7804  mouhid - ok
09:31:45.0993 7804  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:31:45.0993 7804  mountmgr - ok
09:31:46.0040 7804  [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:31:46.0040 7804  MozillaMaintenance - ok
09:31:46.0071 7804  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:31:46.0071 7804  mpio - ok
09:31:46.0087 7804  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:31:46.0087 7804  mpsdrv - ok
09:31:46.0134 7804  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:31:46.0149 7804  MpsSvc - ok
09:31:46.0181 7804  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:31:46.0181 7804  MRxDAV - ok
09:31:46.0227 7804  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:31:46.0227 7804  mrxsmb - ok
09:31:46.0274 7804  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:31:46.0274 7804  mrxsmb10 - ok
09:31:46.0290 7804  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:31:46.0290 7804  mrxsmb20 - ok
09:31:46.0321 7804  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
09:31:46.0321 7804  msahci - ok
09:31:46.0415 7804  [ 7A0BD2093B09FBDC555CE707A26756AB ] MsDepSvc        C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
09:31:46.0415 7804  MsDepSvc - ok
09:31:46.0446 7804  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:31:46.0446 7804  msdsm - ok
09:31:46.0477 7804  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
09:31:46.0477 7804  MSDTC - ok
09:31:46.0508 7804  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:31:46.0508 7804  Msfs - ok
09:31:46.0524 7804  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:31:46.0524 7804  mshidkmdf - ok
09:31:46.0555 7804  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:31:46.0555 7804  msisadrv - ok
09:31:46.0602 7804  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:31:46.0602 7804  MSiSCSI - ok
09:31:46.0602 7804  msiserver - ok
09:31:46.0633 7804  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:31:46.0633 7804  MSKSSRV - ok
09:31:46.0649 7804  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:31:46.0649 7804  MSPCLOCK - ok
09:31:46.0664 7804  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:31:46.0664 7804  MSPQM - ok
09:31:46.0695 7804  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:31:46.0695 7804  MsRPC - ok
09:31:46.0695 7804  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:31:46.0695 7804  mssmbios - ok
09:31:46.0789 7804  MSSQL$SQLEXPRESS - ok
09:31:46.0867 7804  [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
09:31:46.0883 7804  MSSQLServerADHelper100 - ok
09:31:46.0883 7804  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:31:46.0898 7804  MSTEE - ok
09:31:46.0898 7804  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
09:31:46.0898 7804  MTConfig - ok
09:31:46.0914 7804  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:31:46.0914 7804  Mup - ok
09:31:46.0961 7804  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
09:31:46.0961 7804  napagent - ok
09:31:46.0992 7804  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:31:46.0992 7804  NativeWifiP - ok
09:31:47.0070 7804  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130322.032\NAVENG.SYS
09:31:47.0070 7804  NAVENG - ok
09:31:47.0117 7804  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130322.032\NAVEX15.SYS
09:31:47.0132 7804  NAVEX15 - ok
09:31:47.0195 7804  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:31:47.0210 7804  NDIS - ok
09:31:47.0226 7804  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:31:47.0226 7804  NdisCap - ok
09:31:47.0257 7804  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:31:47.0257 7804  NdisTapi - ok
09:31:47.0288 7804  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:31:47.0288 7804  Ndisuio - ok
09:31:47.0335 7804  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:31:47.0335 7804  NdisWan - ok
09:31:47.0366 7804  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:31:47.0366 7804  NDProxy - ok
09:31:47.0382 7804  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:31:47.0382 7804  NetBIOS - ok
09:31:47.0429 7804  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:31:47.0429 7804  NetBT - ok
09:31:47.0444 7804  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
09:31:47.0444 7804  Netlogon - ok
09:31:47.0475 7804  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
09:31:47.0491 7804  Netman - ok
09:31:47.0522 7804  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:31:47.0522 7804  NetMsmqActivator - ok
09:31:47.0538 7804  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:31:47.0538 7804  NetPipeActivator - ok
09:31:47.0553 7804  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
09:31:47.0553 7804  netprofm - ok
09:31:47.0569 7804  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:31:47.0569 7804  NetTcpActivator - ok
09:31:47.0569 7804  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:31:47.0569 7804  NetTcpPortSharing - ok
09:31:47.0600 7804  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
09:31:47.0600 7804  nfrd960 - ok
09:31:47.0678 7804  [ 241BD3019FB31E812A51B31B06906335 ] NIS             C:\Program Files\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
09:31:47.0678 7804  NIS - ok
09:31:47.0709 7804  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:31:47.0725 7804  NlaSvc - ok
09:31:47.0741 7804  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:31:47.0741 7804  Npfs - ok
09:31:47.0756 7804  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
09:31:47.0756 7804  nsi - ok
09:31:47.0772 7804  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:31:47.0772 7804  nsiproxy - ok
09:31:47.0834 7804  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:31:47.0850 7804  Ntfs - ok
09:31:47.0850 7804  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
09:31:47.0865 7804  Null - ok
09:31:47.0881 7804  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:31:47.0881 7804  nvraid - ok
09:31:47.0912 7804  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:31:47.0912 7804  nvstor - ok
09:31:47.0928 7804  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:31:47.0928 7804  nv_agp - ok
09:31:47.0959 7804  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:31:47.0975 7804  ohci1394 - ok
09:31:47.0990 7804  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:31:48.0006 7804  ose - ok
09:31:48.0177 7804  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:31:48.0224 7804  osppsvc - ok
09:31:48.0255 7804  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:31:48.0255 7804  p2pimsvc - ok
09:31:48.0271 7804  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:31:48.0287 7804  p2psvc - ok
09:31:48.0318 7804  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:31:48.0318 7804  Parport - ok
09:31:48.0365 7804  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:31:48.0365 7804  partmgr - ok
09:31:48.0365 7804  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
09:31:48.0380 7804  Parvdm - ok
09:31:48.0396 7804  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:31:48.0396 7804  PcaSvc - ok
09:31:48.0411 7804  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
09:31:48.0411 7804  pci - ok
09:31:48.0443 7804  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
09:31:48.0443 7804  pciide - ok
09:31:48.0458 7804  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:31:48.0458 7804  pcmcia - ok
09:31:48.0474 7804  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
09:31:48.0474 7804  pcw - ok
09:31:48.0521 7804  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:31:48.0521 7804  PEAUTH - ok
09:31:48.0567 7804  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
09:31:48.0583 7804  PeerDistSvc - ok
09:31:48.0645 7804  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
09:31:48.0677 7804  pla - ok
09:31:48.0708 7804  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:31:48.0723 7804  PlugPlay - ok
09:31:48.0739 7804  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:31:48.0739 7804  PNRPAutoReg - ok
09:31:48.0755 7804  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:31:48.0755 7804  PNRPsvc - ok
09:31:48.0817 7804  [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32         C:\Windows\system32\DRIVERS\point32.sys
09:31:48.0817 7804  Point32 - ok
09:31:48.0833 7804  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:31:48.0833 7804  PolicyAgent - ok
09:31:48.0864 7804  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
09:31:48.0864 7804  Power - ok
09:31:48.0895 7804  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:31:48.0911 7804  PptpMiniport - ok
09:31:48.0926 7804  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
09:31:48.0926 7804  Processor - ok
09:31:48.0957 7804  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
09:31:48.0973 7804  ProfSvc - ok
09:31:48.0973 7804  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:31:48.0973 7804  ProtectedStorage - ok
09:31:49.0004 7804  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:31:49.0004 7804  Psched - ok
09:31:49.0051 7804  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
09:31:49.0067 7804  ql2300 - ok
09:31:49.0082 7804  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
09:31:49.0082 7804  ql40xx - ok
09:31:49.0113 7804  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
09:31:49.0113 7804  QWAVE - ok
09:31:49.0113 7804  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:31:49.0129 7804  QWAVEdrv - ok
09:31:49.0145 7804  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:31:49.0145 7804  RasAcd - ok
09:31:49.0176 7804  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:31:49.0176 7804  RasAgileVpn - ok
09:31:49.0191 7804  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
09:31:49.0191 7804  RasAuto - ok
09:31:49.0191 7804  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:31:49.0191 7804  Rasl2tp - ok
09:31:49.0254 7804  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
09:31:49.0254 7804  RasMan - ok
09:31:49.0269 7804  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:31:49.0269 7804  RasPppoe - ok
09:31:49.0285 7804  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:31:49.0285 7804  RasSstp - ok
09:31:49.0316 7804  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:31:49.0316 7804  rdbss - ok
09:31:49.0332 7804  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:31:49.0332 7804  rdpbus - ok
09:31:49.0363 7804  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:31:49.0363 7804  RDPCDD - ok
09:31:49.0394 7804  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
09:31:49.0394 7804  RDPDR - ok
09:31:49.0410 7804  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:31:49.0425 7804  RDPENCDD - ok
09:31:49.0441 7804  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:31:49.0441 7804  RDPREFMP - ok
09:31:49.0503 7804  [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:31:49.0503 7804  RdpVideoMiniport - ok
09:31:49.0535 7804  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:31:49.0550 7804  RDPWD - ok
09:31:49.0581 7804  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:31:49.0581 7804  rdyboost - ok
09:31:49.0613 7804  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:31:49.0613 7804  RemoteAccess - ok
09:31:49.0628 7804  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:31:49.0628 7804  RemoteRegistry - ok
09:31:49.0659 7804  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:31:49.0659 7804  RpcEptMapper - ok
09:31:49.0675 7804  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
09:31:49.0675 7804  RpcLocator - ok
09:31:49.0706 7804  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
09:31:49.0722 7804  RpcSs - ok
09:31:49.0769 7804  [ A95840A95A9FF74B0009E5D848CDDB39 ] RsFx0150        C:\Windows\system32\DRIVERS\RsFx0150.sys
09:31:49.0769 7804  RsFx0150 - ok
09:31:49.0815 7804  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:31:49.0815 7804  rspndr - ok
09:31:49.0847 7804  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
09:31:49.0847 7804  s3cap - ok
09:31:49.0847 7804  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
09:31:49.0862 7804  SamSs - ok
09:31:49.0893 7804  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:31:49.0893 7804  sbp2port - ok
09:31:49.0909 7804  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:31:49.0909 7804  SCardSvr - ok
09:31:49.0940 7804  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:31:49.0956 7804  scfilter - ok
09:31:50.0003 7804  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
09:31:50.0018 7804  Schedule - ok
09:31:50.0049 7804  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:31:50.0049 7804  SCPolicySvc - ok
09:31:50.0096 7804  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:31:50.0096 7804  SDRSVC - ok
09:31:50.0127 7804  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:31:50.0127 7804  secdrv - ok
09:31:50.0143 7804  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
09:31:50.0143 7804  seclogon - ok
09:31:50.0174 7804  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
09:31:50.0174 7804  SENS - ok
09:31:50.0190 7804  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:31:50.0190 7804  SensrSvc - ok
09:31:50.0221 7804  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
09:31:50.0221 7804  Serenum - ok
09:31:50.0237 7804  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
09:31:50.0237 7804  Serial - ok
09:31:50.0268 7804  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
09:31:50.0268 7804  sermouse - ok
09:31:50.0315 7804  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:31:50.0315 7804  SessionEnv - ok
09:31:50.0346 7804  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:31:50.0346 7804  sffdisk - ok
09:31:50.0361 7804  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:31:50.0361 7804  sffp_mmc - ok
09:31:50.0377 7804  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:31:50.0377 7804  sffp_sd - ok
09:31:50.0393 7804  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
09:31:50.0393 7804  sfloppy - ok
09:31:50.0424 7804  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:31:50.0424 7804  SharedAccess - ok
09:31:50.0471 7804  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:31:50.0471 7804  ShellHWDetection - ok
09:31:50.0486 7804  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
09:31:50.0486 7804  sisagp - ok
09:31:50.0517 7804  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:31:50.0517 7804  SiSRaid2 - ok
09:31:50.0533 7804  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
09:31:50.0533 7804  SiSRaid4 - ok
09:31:50.0689 7804  [ 23E3C83DFF7B09A97B01A85ED8A44478 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
09:31:50.0720 7804  Skype C2C Service - ok
09:31:50.0783 7804  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
09:31:50.0783 7804  SkypeUpdate - ok
09:31:50.0814 7804  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:31:50.0814 7804  Smb - ok
09:31:50.0861 7804  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:31:50.0861 7804  SNMPTRAP - ok
09:31:50.0876 7804  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:31:50.0876 7804  spldr - ok
09:31:50.0939 7804  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
09:31:50.0939 7804  Spooler - ok
09:31:51.0048 7804  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
09:31:51.0079 7804  sppsvc - ok
09:31:51.0126 7804  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:31:51.0126 7804  sppuinotify - ok
09:31:51.0157 7804  [ 37761F6BE2EBAED72CC0D43BD4C8C2A6 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
09:31:51.0173 7804  SQLAgent$SQLEXPRESS - ok
09:31:51.0251 7804  [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
09:31:51.0251 7804  SQLBrowser - ok
09:31:51.0313 7804  [ 2798E5AA05DACF91DA029005176756F1 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:31:51.0313 7804  SQLWriter - ok
09:31:51.0407 7804  [ 0A8F71E1DB5432A5B9285111421E77EC ] SRTSP           C:\Windows\System32\Drivers\NIS\1403000.024\SRTSP.SYS
09:31:51.0422 7804  SRTSP - ok
09:31:51.0453 7804  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\Windows\system32\drivers\NIS\1403000.024\SRTSPX.SYS
09:31:51.0453 7804  SRTSPX - ok
09:31:51.0485 7804  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:31:51.0485 7804  srv - ok
09:31:51.0516 7804  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:31:51.0516 7804  srv2 - ok
09:31:51.0547 7804  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:31:51.0547 7804  srvnet - ok
09:31:51.0563 7804  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:31:51.0578 7804  SSDPSRV - ok
09:31:51.0594 7804  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:31:51.0594 7804  SstpSvc - ok
09:31:51.0625 7804  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
09:31:51.0625 7804  stexstor - ok
09:31:51.0672 7804  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
09:31:51.0687 7804  StiSvc - ok
09:31:51.0719 7804  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
09:31:51.0719 7804  storflt - ok
09:31:51.0765 7804  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
09:31:51.0765 7804  storvsc - ok
09:31:51.0797 7804  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
09:31:51.0797 7804  swenum - ok
09:31:51.0812 7804  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
09:31:51.0828 7804  swprv - ok
09:31:51.0859 7804  [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00 ] SymDS           C:\Windows\system32\drivers\NIS\1403000.024\SYMDS.SYS
09:31:51.0875 7804  SymDS - ok
09:31:51.0906 7804  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\Windows\system32\drivers\NIS\1403000.024\SYMEFA.SYS
09:31:51.0921 7804  SymEFA - ok
09:31:51.0953 7804  [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
09:31:51.0953 7804  SymEvent - ok
09:31:51.0968 7804  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\Windows\system32\drivers\NIS\1403000.024\Ironx86.SYS
09:31:51.0968 7804  SymIRON - ok
09:31:51.0999 7804  [ 21698476A90ACAA056B8CFE09A82785F ] SymNetS         C:\Windows\System32\Drivers\NIS\1403000.024\SYMNETS.SYS
09:31:51.0999 7804  SymNetS - ok
09:31:52.0015 7804  Synth3dVsc - ok
09:31:52.0093 7804  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
09:31:52.0109 7804  SysMain - ok
09:31:52.0140 7804  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:31:52.0140 7804  TabletInputService - ok
09:31:52.0187 7804  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:31:52.0187 7804  TapiSrv - ok
09:31:52.0202 7804  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
09:31:52.0218 7804  TBS - ok
09:31:52.0265 7804  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:31:52.0280 7804  Tcpip - ok
09:31:52.0311 7804  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:31:52.0311 7804  TCPIP6 - ok
09:31:52.0358 7804  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:31:52.0358 7804  tcpipreg - ok
09:31:52.0389 7804  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:31:52.0389 7804  TDPIPE - ok
09:31:52.0421 7804  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:31:52.0421 7804  TDTCP - ok
09:31:52.0452 7804  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:31:52.0452 7804  tdx - ok
09:31:52.0483 7804  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:31:52.0483 7804  TermDD - ok
09:31:52.0530 7804  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
09:31:52.0545 7804  TermService - ok
09:31:52.0592 7804  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
09:31:52.0592 7804  Themes - ok
09:31:52.0608 7804  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
09:31:52.0608 7804  THREADORDER - ok
09:31:52.0639 7804  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
09:31:52.0639 7804  TrkWks - ok
09:31:52.0686 7804  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:31:52.0686 7804  TrustedInstaller - ok
09:31:52.0701 7804  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:31:52.0701 7804  tssecsrv - ok
09:31:52.0748 7804  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:31:52.0748 7804  TsUsbFlt - ok
09:31:52.0764 7804  tsusbhub - ok
09:31:52.0811 7804  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:31:52.0811 7804  tunnel - ok
09:31:52.0842 7804  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
09:31:52.0842 7804  uagp35 - ok
09:31:52.0873 7804  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:31:52.0873 7804  udfs - ok
09:31:52.0889 7804  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:31:52.0889 7804  UI0Detect - ok
09:31:52.0904 7804  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:31:52.0920 7804  uliagpkx - ok
09:31:52.0951 7804  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
09:31:52.0951 7804  umbus - ok
09:31:52.0967 7804  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:31:52.0967 7804  UmPass - ok
09:31:53.0029 7804  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:31:53.0029 7804  UmRdpService - ok
09:31:53.0091 7804  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
09:31:53.0107 7804  UMVPFSrv - ok
09:31:53.0123 7804  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
09:31:53.0138 7804  upnphost - ok
09:31:53.0169 7804  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
09:31:53.0169 7804  USBAAPL - ok
09:31:53.0216 7804  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:31:53.0216 7804  usbaudio - ok
09:31:53.0247 7804  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:31:53.0247 7804  usbccgp - ok
09:31:53.0294 7804  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:31:53.0294 7804  usbcir - ok
09:31:53.0310 7804  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:31:53.0310 7804  usbehci - ok
09:31:53.0341 7804  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:31:53.0341 7804  usbhub - ok
09:31:53.0357 7804  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:31:53.0372 7804  usbohci - ok
09:31:53.0403 7804  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:31:53.0403 7804  usbprint - ok
09:31:53.0435 7804  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:31:53.0435 7804  usbscan - ok
09:31:53.0466 7804  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:31:53.0466 7804  USBSTOR - ok
09:31:53.0481 7804  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
09:31:53.0481 7804  usbuhci - ok
09:31:53.0497 7804  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
09:31:53.0497 7804  UxSms - ok
09:31:53.0513 7804  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
09:31:53.0513 7804  VaultSvc - ok
09:31:53.0528 7804  [ 94D73B62E458FB56C9CE60AA96D914F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
09:31:53.0528 7804  VClone - ok
09:31:53.0559 7804  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:31:53.0559 7804  vdrvroot - ok
09:31:53.0622 7804  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
09:31:53.0622 7804  vds - ok
09:31:53.0653 7804  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:31:53.0653 7804  vga - ok
09:31:53.0684 7804  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:31:53.0700 7804  VgaSave - ok
09:31:53.0700 7804  VGPU - ok
09:31:53.0747 7804  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:31:53.0747 7804  vhdmp - ok
09:31:53.0762 7804  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:31:53.0778 7804  viaagp - ok
09:31:53.0778 7804  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
09:31:53.0793 7804  ViaC7 - ok
09:31:53.0825 7804  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
09:31:53.0825 7804  viaide - ok
09:31:53.0856 7804  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:31:53.0856 7804  vmbus - ok
09:31:53.0903 7804  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
09:31:53.0903 7804  VMBusHID - ok
09:31:53.0918 7804  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:31:53.0918 7804  volmgr - ok
09:31:53.0934 7804  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:31:53.0934 7804  volmgrx - ok
09:31:53.0965 7804  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:31:53.0981 7804  volsnap - ok
09:31:53.0996 7804  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
09:31:54.0012 7804  vsmraid - ok
09:31:54.0059 7804  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
09:31:54.0074 7804  VSS - ok
09:31:54.0090 7804  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:31:54.0090 7804  vwifibus - ok
09:31:54.0105 7804  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:31:54.0105 7804  vwififlt - ok
09:31:54.0137 7804  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
09:31:54.0137 7804  W32Time - ok
09:31:54.0152 7804  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
09:31:54.0152 7804  WacomPen - ok
09:31:54.0183 7804  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:31:54.0183 7804  WANARP - ok
09:31:54.0183 7804  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:31:54.0199 7804  Wanarpv6 - ok
09:31:54.0230 7804  [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw          C:\Windows\system32\DRIVERS\wanatw4.sys
09:31:54.0230 7804  wanatw - ok
09:31:54.0293 7804  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
09:31:54.0308 7804  WatAdminSvc - ok
09:31:54.0371 7804  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
09:31:54.0386 7804  wbengine - ok
09:31:54.0402 7804  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:31:54.0417 7804  WbioSrvc - ok
09:31:54.0449 7804  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:31:54.0449 7804  wcncsvc - ok
09:31:54.0464 7804  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:31:54.0464 7804  WcsPlugInService - ok
09:31:54.0495 7804  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
09:31:54.0495 7804  Wd - ok
09:31:54.0542 7804  [ A1A36682DF22777834E1C37F3C79AEC2 ] WDBtnMgrSvc.exe C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
09:31:54.0558 7804  WDBtnMgrSvc.exe - ok
09:31:54.0620 7804  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:31:54.0620 7804  Wdf01000 - ok
09:31:54.0636 7804  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:31:54.0636 7804  WdiServiceHost - ok
09:31:54.0636 7804  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:31:54.0651 7804  WdiSystemHost - ok
09:31:54.0683 7804  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
09:31:54.0683 7804  WebClient - ok
09:31:54.0698 7804  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:31:54.0714 7804  Wecsvc - ok
09:31:54.0714 7804  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:31:54.0729 7804  wercplsupport - ok
09:31:54.0745 7804  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:31:54.0745 7804  WerSvc - ok
09:31:54.0776 7804  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:31:54.0776 7804  WfpLwf - ok
09:31:54.0792 7804  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:31:54.0792 7804  WIMMount - ok
09:31:54.0854 7804  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:31:54.0854 7804  WinDefend - ok
09:31:54.0870 7804  WinHttpAutoProxySvc - ok
09:31:54.0932 7804  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:31:54.0932 7804  Winmgmt - ok
09:31:54.0995 7804  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
09:31:55.0010 7804  WinRM - ok
09:31:55.0041 7804  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:31:55.0041 7804  WinUsb - ok
09:31:55.0073 7804  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:31:55.0088 7804  Wlansvc - ok
09:31:55.0119 7804  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:31:55.0119 7804  WmiAcpi - ok
09:31:55.0135 7804  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:31:55.0151 7804  wmiApSrv - ok
09:31:55.0213 7804  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:31:55.0213 7804  WMPNetworkSvc - ok
09:31:55.0229 7804  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:31:55.0244 7804  WPCSvc - ok
09:31:55.0275 7804  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:31:55.0275 7804  WPDBusEnum - ok
09:31:55.0307 7804  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:31:55.0307 7804  ws2ifsl - ok
09:31:55.0322 7804  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
09:31:55.0322 7804  wscsvc - ok
09:31:55.0369 7804  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
09:31:55.0369 7804  WSDPrintDevice - ok
09:31:55.0369 7804  WSearch - ok
09:31:55.0447 7804  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
09:31:55.0463 7804  wuauserv - ok
09:31:55.0509 7804  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:31:55.0509 7804  WudfPf - ok
09:31:55.0541 7804  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:31:55.0556 7804  WUDFRd - ok
09:31:55.0587 7804  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:31:55.0587 7804  wudfsvc - ok
09:31:55.0634 7804  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:31:55.0650 7804  WwanSvc - ok
09:31:55.0665 7804  ================ Scan global ===============================
09:31:55.0697 7804  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
09:31:55.0743 7804  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
09:31:55.0743 7804  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
09:31:55.0775 7804  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
09:31:55.0806 7804  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
09:31:55.0806 7804  [Global] - ok
09:31:55.0806 7804  ================ Scan MBR ==================================
09:31:55.0821 7804  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:31:56.0040 7804  \Device\Harddisk0\DR0 - ok
09:31:56.0321 7804  [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk1\DR1
09:31:56.0321 7804  \Device\Harddisk1\DR1 - ok
09:31:56.0321 7804  ================ Scan VBR ==================================
09:31:56.0321 7804  [ F8197E06DFFCF156236DA28042AD91B5 ] \Device\Harddisk0\DR0\Partition1
09:31:56.0321 7804  \Device\Harddisk0\DR0\Partition1 - ok
09:31:56.0336 7804  [ 4BFE75B0BAB6CBC2AAD630B99ED7E9B7 ] \Device\Harddisk0\DR0\Partition2
09:31:56.0336 7804  \Device\Harddisk0\DR0\Partition2 - ok
09:31:56.0336 7804  [ 1ACA3A328AA38708F8577BC6996FFE7A ] \Device\Harddisk1\DR1\Partition1
09:31:56.0336 7804  \Device\Harddisk1\DR1\Partition1 - ok
09:31:56.0336 7804  ============================================================
09:31:56.0336 7804  Scan finished
09:31:56.0336 7804  ============================================================
09:31:56.0352 12024  Detected object count: 0
09:31:56.0352 12024  Actual detected object count: 0
09:40:08.0475 12888  Deinitialize success



#5 Theresa R

Theresa R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 23 March 2013 - 08:51 AM

 AdwCleaner v2.115 - Logfile created 03/23/2013 at 09:47:16
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Theresa - THERESA-PC
# Boot Mode : Normal
# Running from : C:\Users\Theresa\Downloads\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files\OApps
Folder Found : C:\Program Files\Viewpoint
Folder Found : C:\ProgramData\Viewpoint
Folder Found : C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Found : C:\Users\Theresa\AppData\Local\Wajam
Folder Found : C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\wve39xe0.default\extensions\plugin@selectionlinks.com

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Found : HKLM\Software\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\Software\Viewpoint
Key Found : HKU\S-1-5-21-934021220-3246597124-4072488087-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\wve39xe0.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.172

File : C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R2].txt - [3089 octets] - [23/03/2013 09:47:16]

########## EOF - C:\AdwCleaner[R2].txt - [3149 octets] ##########



#6 Theresa R

Theresa R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 23 March 2013 - 09:15 AM

Sorry I ran search .  These are the results from delete

 

# AdwCleaner v2.115 - Logfile created 03/23/2013 at 10:00:33
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Theresa - THERESA-PC
# Boot Mode : Normal
# Running from : C:\Users\Theresa\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\OApps
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\Theresa\AppData\Local\Wajam
Folder Deleted : C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\wve39xe0.default\extensions\plugin@selectionlinks.com

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\wve39xe0.default\prefs.js

C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\wve39xe0.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v25.0.1364.172

File : C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R2].txt - [3218 octets] - [23/03/2013 09:47:16]
AdwCleaner[R3].txt - [3278 octets] - [23/03/2013 09:56:26]
AdwCleaner[S1].txt - [3075 octets] - [23/03/2013 10:00:33]

########## EOF - C:\AdwCleaner[S1].txt - [3135 octets] ##########



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:49 PM

Posted 23 March 2013 - 06:50 PM

Hello, what is your usual Search Engine?

 

Do you still redirect?

 


Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically,go [url="http://support.microsoft.com/kb/972034"]HERE[/url] click the MSFixit.png button.  Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Theresa R

Theresa R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 23 March 2013 - 08:04 PM

I reset the HOSTS file.  I usuallly use google as my search engine.     

 

Based on the information in the log files I posted, does it look like my PC was infected when I clicked on that  link?  Can I assume that Norton Internet security did not stop the virus?  Is my PC now ok?   

 

I do not redirect .   That part is ok .  



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:49 PM

Posted 23 March 2013 - 08:33 PM

Hiit looks like it installed the Wajam search and was removed.

It gone now.. The Minitoolbox log was cut off after ◾List last 10 Event Viewer log
Can you still post these 2.....
◾List Installed Programs
◾List Users, Partitions and Memory size

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
  • Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Theresa R

Theresa R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 23 March 2013 - 08:47 PM

MiniToolBox by Farbar  Version:05-03-2013
Ran by Theresa (administrator) on 23-03-2013 at 21:45:26
Running from "C:\Users\Theresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSD1Q39P"
Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

=========================== Installed Programs ============================

Adobe AIR (Version: 2.7.0.19480)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader X (10.1.6) (Version: 10.1.6)
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
calibre (Version: 0.9.12)
Canon DIGITAL CAMERA Solution Disk Software Guide (Version: 1.5.0.1)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.1.2)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.9.0.9)
Canon MOV Decoder (Version: 1.8.0.7)
Canon MOV Encoder (Version: 1.7.0.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.8.0.5)
Canon PowerShot SX230 HS and PowerShot SX220 HS Camera User Guide (Version: 1.0.1.2)
Canon Utilities CameraWindow DC 8 (Version: 8.5.0.7)
Canon Utilities CameraWindow Launcher (Version: 7.5.0.2)
Canon Utilities Map Utility (Version: 1.0.0.19)
Canon Utilities Movie Uploader for YouTube (Version: 1.2.0.7)
Canon Utilities MyCamera (Version: 7.4.0.2)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities ZoomBrowser EX (Version: 6.7.2.33)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.5.1.10)
Coupon Printer for Windows (Version: 5.0.0.0)
Data Lifeguard Diagnostic for Windows (Version: 1.13)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox (Version: 1.6.16)
Google Chrome (Version: 25.0.1364.172)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
IIS 8.0 Express (Version: 8.0.1557)
IIS Express Application Compatibility Database for x86
iTunes (Version: 11.0.2.26)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Lexmark S600 Series
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 3 - VWD Express 2010 Tools Update (Version: 3.0.20406.0)
Microsoft ASP.NET MVC 3 (Version: 3.0.20105.0)
Microsoft ASP.NET MVC 4 - VWD Express 2010 Tools (Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 (Version: 4.0.20714.0)
Microsoft ASP.NET MVC 4 Runtime (Version: 4.0.20710.0)
Microsoft ASP.NET Visual Studio 2010 Finalizer (Version: 4.0.20710.0)
Microsoft ASP.NET Visual Studio 2010 Uninstall Finalizer (Version: 4.0.20710.0)
Microsoft ASP.NET Web Pages - VWD Express 2010 Tools (Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages (Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages 2 - VWD Express 2010 Tools (Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 (Version: 2.0.20715.0)
Microsoft ASP.NET Web Pages 2 Runtime (Version: 2.0.20715.0)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft NuGet for Visual Studio 2010 (Version: 2.0.30625.9003)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.202)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50826.0)
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.1.2807.0)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.0.2318.0)
Microsoft SQL Server 2012 Management Objects  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.0.2100.60)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Compact 4.0 SP1 ENU CTP1 (Version: 4.0.8854.1)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft System CLR Types for SQL Server 2012 (Version: 11.0.2100.60)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308)
Microsoft Visual Web Developer 2010 Express - ENU (Version: 10.0.40219)
Microsoft Web Deploy 3.0 (Version: 3.1236.1631)
Microsoft Web Platform Installer 4.0 (Version: 4.0.1692)
Microsoft Web Publish - Visual Web Developer Express 2010 (Version: 1.0.30810.0)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Maintenance Service (Version: 18.0.1)
Norton Internet Security (Version: 20.3.0.36)
OLYMPUS CAMEDIA Master 4.1
Picasa 3 (Version: 3.8)
QuickTime (Version: 7.73.80.64)
Saba Client
SelectionLinks (Version: 1.0)
Skype Click to Call (Version: 6.6.11664)
Skype™ 6.0 (Version: 6.0.126)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.5821)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0501)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0222)
TurboTax 2010 wnjiper (Version: 010.000.1431)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.3268)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222)
TurboTax 2011 wnjiper (Version: 011.000.1627)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2012
TurboTax 2012 WinPerFedFormset (Version: 012.000.1925)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0433)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)
TurboTax 2012 wnjiper (Version: 012.000.1331)
TurboTax 2012 wrapper (Version: 012.000.0127)
Uninstall AOL Emergency Connect Utility 1.0
Update 4.0.2 for Microsoft .NET Framework 4 Client Profile (KB2544514) (Version: 1)
Update 4.0.2 for Microsoft .NET Framework 4 Extended (KB2544514) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VirtualCloneDrive
Visual Studio 2010 SP1 Tools for SQL Server Compact 4.0 ENU (Version: 4.0.8482.1)
VoiceOver Kit (Version: 1.42.128.0)
WCF RIA Services V1.0 SP1 (Version: 4.1.60114.0)
WD Anywhere Backup
WD Drive Manager (x86) (Version: 2.107)
Web Deployment Tool (Version: 1.1.0618)
WebEx
Windows Azure Authoring Tools - June 2012 Release (Version: 1.7.30602.1703)
Windows Azure Emulator - June 2012 Release (Version: 1.7.30602.1703)
Windows Azure Libraries for .NET 1.7 – June 2012 (Version: 1.7)
Windows Azure Tools for Microsoft Visual Studio 2010 - June 2012 SP1 (Version: 1.7.50717.1601)
Windows Azure Tools for Microsoft Visual Studio 2010 Core (Version: 1.7.50717.1601)

========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 3325.61 MB
Available physical RAM: 884.86 MB
Total Pagefile: 6649.51 MB
Available Pagefile: 3948.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.88 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.73 GB) (Free:143.28 GB) NTFS
5 Drive g: (My Passport) (Fixed) (Total:465.64 GB) (Free:75.71 GB) FAT32



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:49 PM

Posted 23 March 2013 - 09:02 PM

OK it looks good....
Note when installing applications UN check any boxes for items like this..
 
 
Yes, install Chrome as my default browser and Google Toolbar for Internet Explorer optional.
 
 
 
 
Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit). 64-bit OS users, should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to StartBtn.gif > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7/8 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u17-windows-i586.exe (or jre-7u17-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7/8 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java. -- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version. Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.
  • Also update to  Adobe Reader XI

Edited by boopme, 23 March 2013 - 09:03 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 Theresa R

Theresa R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 23 March 2013 - 09:10 PM

Thank you for all your help.

 

I am usually very careful not to click on any links ... However this one came from my mom so I never even suspected the Yahoo email virus. Only after I encountered the strange page from clicking on the link did I realize her yahoo email account was hijacked and the link was bogus.  I will update my JAVA.  Once again - Thanks and have a nice night!!!!



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:49 PM

Posted 23 March 2013 - 09:17 PM

Your welcome. Perhaps she needs  an AV that scans her emails..
 
If all is good then ...
Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.
The easiest and safest way to do this is:
  • Go to StartBtn.gif > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
to remove all but the most recently created Restore Point.
  • Go to StartBtn.gif > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
  • Vista and Windows 7 users can refer to these links:
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7

Edited by boopme, 23 March 2013 - 09:17 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 Theresa R

Theresa R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 23 March 2013 - 09:26 PM

One last question.  I verified that I am running 32 bit O/S.

Is the version with Windows x86 offline the one I should select?

 

 

 

Windows x86 Online 0.86 MB   Windows x86 Offline 30.06 MB   Windows x86 39.77 MB  

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:49 PM

Posted 23 March 2013 - 09:32 PM

Yes, 4th up from bottom

 

 Windows x86 Offline 30.06 MB   115899.gif jre-7u17-windows-i586.exe
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users