Can't access user Accounts after Windows 7 Security Virus


15 replies to this topic

#1 Mystic4


Posted 17 April 2013 - 07:41 PM

I fell for the Windows 7 Security Virus, but immediately checked it out once I was able to access the Internet and realized what I had done.  I downloaded and ran SpyHunter 4 which seemed to remove it from my admin account, but my other user accounts aren't working.  I have since run a full system scan with Microsoft Security Essentials and SpyHunter, but no virus or malware is showing.

 

I can actually log on to the accounts, but all I get is the spinning circle.  I am not able to open any programs, shut down, restart, etc.  The only thing I'm able to do is click on Switch User and when I do the monitor goes right to sleep and I can't wake it up.  The only way I'm able to get back to my account is to do a manual shut down and then restart.  I also created a new user account and the same thing happens.  The new user account is an admin account and the others are standard accounts.

 

The only account I'm able to access without any problem is my admin account.  Do I still have the virus or did it change something?  Appreciate your help!





#2 boopme


Posted 24 April 2013 - 08:08 PM

Let's try this..

Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode

It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested in this guide on another computer and then transfer them to the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.


Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:

Link 1
Link 2
Link 3
Link 4

  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.



Please Download TDSSkiller
Launch it.
Click on change parameters - Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.



Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
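
Added example (not part of the thread, and not Rkill's or BleepingComputer's own code): a small Python triage of the Rkill log requested in the post above, pulling out the entries a helper would read first. The section names and line shapes are taken from the Rkill 2.4.7 log posted in this thread; parse_sections, triage, the priority labels and the "No ..." skip rule are assumptions, and the sample log is constructed.

```python
import re

# Constructed sample: lines shaped like the Rkill 2.4.7 log posted in this thread.
SAMPLE_LOG = r"""
Checking for Windows services to stop:

 * No malware services found to stop.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Checking HOSTS File:

 * No issues found.

Program finished at: 04/25/2013 03:49:17 PM
"""

# "<display name> (<service name>) is not Running." plus the joined continuation line.
NOT_RUNNING_RE = re.compile(
    r"^(?P<display>.+?) \((?P<name>[^()]+)\) is not Running\."
    r"(?: \| Startup Type set to: (?P<startup>.+))?$"
)
# "<service name> => <registered command line> [Incorrect ImagePath]"
BAD_PATH_RE = re.compile(r"^(?P<name>.+?) => (?P<path>.+?) \[Incorrect ImagePath\]$")


def parse_sections(text):
    """Map each 'Header:' line to its ' * ' entries; indented follow-up lines
    are appended to the entry they belong to, separated by ' | '."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip():
            continue
        if not line.startswith(" ") and line.endswith(":"):
            current = sections.setdefault(line[:-1], [])
        elif current is not None and line.lstrip().startswith("* "):
            current.append(line.lstrip()[2:].strip())
        elif current and line.startswith(" "):
            current[-1] += " | " + line.strip()
        elif not line.startswith(" "):
            current = None  # un-indented, non-header line closes the section
    return sections


def triage(text, safe_mode=False):
    """Return findings from the service-integrity and registry sections.

    Safe Mode starts only a reduced set of services, so a 'not Running'
    entry from a Safe Mode run is weak evidence and is marked 'low'.
    """
    sections = parse_sections(text)
    findings = []
    for entry in sections.get("Checking Windows Service Integrity", []):
        stopped = NOT_RUNNING_RE.match(entry)
        bad_path = BAD_PATH_RE.match(entry)
        if stopped:
            findings.append({
                "kind": "service_not_running",
                "service": stopped["name"],
                "startup": stopped["startup"],
                "priority": "low" if safe_mode else "review",
            })
        elif bad_path:
            findings.append({
                "kind": "imagepath_mismatch",
                "service": bad_path["name"],
                "detail": bad_path["path"],
                "priority": "review",
            })
    for entry in sections.get("Checking Registry for malware related settings", []):
        # Assumption: a clean result is worded "No ...", as in the other sections.
        if not entry.startswith("No "):
            findings.append({"kind": "registry_change", "detail": entry,
                             "priority": "review"})
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG, safe_mode=True):
        print(finding)
```

The instructions above have Rkill run from Safe Mode with Networking, so a log produced that way should be read with safe_mode=True.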

#3 Mystic4


Posted 25 April 2013 - 07:31 PM

Results of Rkill:

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/25/2013 03:49:00 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Laurie\Desktop\rkill\rkill-04-25-2013-03-49-10.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 04/25/2013 03:49:17 PM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)

 

Results of TDSSkiller:

 

15:53:21.0842 0700  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:53:21.0842 0700  ksthunk - ok
15:53:21.0858 0700  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:53:21.0874 0700  KtmRm - ok
15:53:21.0905 0700  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:53:21.0905 0700  LanmanServer - ok
15:53:21.0920 0700  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:53:21.0920 0700  LanmanWorkstation - ok
15:53:21.0952 0700  [ 7550D101BF49FDB1F92666A233EE36C4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:53:21.0952 0700  LightScribeService - ok
15:53:21.0967 0700  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:53:21.0967 0700  lltdio - ok
15:53:21.0983 0700  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:53:21.0983 0700  lltdsvc - ok
15:53:21.0998 0700  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:53:21.0998 0700  lmhosts - ok
15:53:22.0014 0700  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:53:22.0030 0700  LSI_FC - ok
15:53:22.0030 0700  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:53:22.0030 0700  LSI_SAS - ok
15:53:22.0045 0700  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:53:22.0045 0700  LSI_SAS2 - ok
15:53:22.0061 0700  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:53:22.0076 0700  LSI_SCSI - ok
15:53:22.0092 0700  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:53:22.0092 0700  luafv - ok
15:53:22.0108 0700  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:53:22.0108 0700  Mcx2Svc - ok
15:53:22.0123 0700  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:53:22.0123 0700  megasas - ok
15:53:22.0139 0700  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:53:22.0154 0700  MegaSR - ok
15:53:22.0186 0700  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:53:22.0201 0700  MMCSS - ok
15:53:22.0201 0700  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:53:22.0201 0700  Modem - ok
15:53:22.0248 0700  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:53:22.0248 0700  monitor - ok
15:53:22.0264 0700  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:53:22.0264 0700  mouclass - ok
15:53:22.0279 0700  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:53:22.0279 0700  mouhid - ok
15:53:22.0295 0700  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:53:22.0295 0700  mountmgr - ok
15:53:22.0326 0700  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:53:22.0326 0700  MpFilter - ok
15:53:22.0342 0700  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:53:22.0342 0700  mpio - ok
15:53:22.0373 0700  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:53:22.0373 0700  mpsdrv - ok
15:53:22.0420 0700  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:53:22.0435 0700  MpsSvc - ok
15:53:22.0466 0700  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:53:22.0466 0700  MRxDAV - ok
15:53:22.0482 0700  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:53:22.0482 0700  mrxsmb - ok
15:53:22.0513 0700  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:53:22.0513 0700  mrxsmb10 - ok
15:53:22.0544 0700  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:53:22.0544 0700  mrxsmb20 - ok
15:53:22.0560 0700  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:53:22.0560 0700  msahci - ok
15:53:22.0591 0700  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:53:22.0591 0700  msdsm - ok
15:53:22.0622 0700  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:53:22.0638 0700  MSDTC - ok
15:53:22.0638 0700  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:53:22.0638 0700  Msfs - ok
15:53:22.0654 0700  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:53:22.0654 0700  mshidkmdf - ok
15:53:22.0669 0700  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:53:22.0669 0700  msisadrv - ok
15:53:22.0700 0700  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:53:22.0700 0700  MSiSCSI - ok
15:53:22.0700 0700  msiserver - ok
15:53:22.0716 0700  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:53:22.0716 0700  MSKSSRV - ok
15:53:22.0763 0700  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:53:22.0763 0700  MsMpSvc - ok
15:53:22.0778 0700  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:53:22.0778 0700  MSPCLOCK - ok
15:53:22.0778 0700  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:53:22.0778 0700  MSPQM - ok
15:53:22.0841 0700  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:53:22.0841 0700  MsRPC - ok
15:53:22.0872 0700  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:53:22.0872 0700  mssmbios - ok
15:53:22.0872 0700  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:53:22.0872 0700  MSTEE - ok
15:53:22.0888 0700  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:53:22.0888 0700  MTConfig - ok
15:53:22.0888 0700  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:53:22.0888 0700  Mup - ok
15:53:22.0903 0700  MyFunCards_5mService - ok
15:53:22.0934 0700  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:53:22.0934 0700  napagent - ok
15:53:22.0966 0700  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:53:22.0966 0700  NativeWifiP - ok
15:53:23.0012 0700  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:53:23.0012 0700  NDIS - ok
15:53:23.0028 0700  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:53:23.0028 0700  NdisCap - ok
15:53:23.0044 0700  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:53:23.0044 0700  NdisTapi - ok
15:53:23.0075 0700  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:53:23.0075 0700  Ndisuio - ok
15:53:23.0122 0700  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:53:23.0122 0700  NdisWan - ok
15:53:23.0153 0700  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:53:23.0153 0700  NDProxy - ok
15:53:23.0153 0700  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:53:23.0153 0700  NetBIOS - ok
15:53:23.0184 0700  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:53:23.0184 0700  NetBT - ok
15:53:23.0200 0700  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:53:23.0200 0700  Netlogon - ok
15:53:23.0215 0700  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:53:23.0215 0700  Netman - ok
15:53:23.0231 0700  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:53:23.0246 0700  netprofm - ok
15:53:23.0278 0700  [ 1982B291DF9833FB3ADC397EBD310A18 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
15:53:23.0293 0700  netr28x - ok
15:53:23.0324 0700  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:53:23.0324 0700  NetTcpPortSharing - ok
15:53:23.0340 0700  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:53:23.0340 0700  nfrd960 - ok
15:53:23.0387 0700  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:53:23.0402 0700  NisDrv - ok
15:53:23.0418 0700  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:53:23.0434 0700  NisSrv - ok
15:53:23.0449 0700  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:53:23.0449 0700  NlaSvc - ok
15:53:23.0512 0700  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
15:53:23.0558 0700  NOBU - ok
15:53:23.0574 0700  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:53:23.0574 0700  Npfs - ok
15:53:23.0605 0700  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:53:23.0605 0700  nsi - ok
15:53:23.0621 0700  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:53:23.0621 0700  nsiproxy - ok
15:53:23.0652 0700  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:53:23.0668 0700  Ntfs - ok
15:53:23.0699 0700  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:53:23.0699 0700  Null - ok
15:53:23.0746 0700  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:53:23.0746 0700  nvraid - ok
15:53:23.0761 0700  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:53:23.0761 0700  nvstor - ok
15:53:23.0777 0700  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:53:23.0777 0700  nv_agp - ok
15:53:23.0855 0700  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:53:23.0855 0700  odserv - ok
15:53:23.0870 0700  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:53:23.0870 0700  ohci1394 - ok
15:53:23.0902 0700  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:53:23.0902 0700  ose - ok
15:53:23.0917 0700  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:53:23.0917 0700  p2pimsvc - ok
15:53:23.0948 0700  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:53:23.0948 0700  p2psvc - ok
15:53:23.0964 0700  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:53:23.0964 0700  Parport - ok
15:53:23.0995 0700  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:53:23.0995 0700  partmgr - ok
15:53:23.0995 0700  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:53:24.0011 0700  PcaSvc - ok
15:53:24.0011 0700  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:53:24.0011 0700  pci - ok
15:53:24.0042 0700  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:53:24.0042 0700  pciide - ok
15:53:24.0058 0700  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:53:24.0058 0700  pcmcia - ok
15:53:24.0073 0700  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:53:24.0073 0700  pcw - ok
15:53:24.0073 0700  pdfcDispatcher - ok
15:53:24.0104 0700  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:53:24.0104 0700  PEAUTH - ok
15:53:24.0245 0700  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:53:24.0276 0700  PerfHost - ok
15:53:24.0307 0700  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:53:24.0338 0700  pla - ok
15:53:24.0354 0700  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:53:24.0370 0700  PlugPlay - ok
15:53:24.0370 0700  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:53:24.0370 0700  PNRPAutoReg - ok
15:53:24.0416 0700  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:53:24.0416 0700  PNRPsvc - ok
15:53:24.0448 0700  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:53:24.0448 0700  PolicyAgent - ok
15:53:24.0463 0700  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:53:24.0479 0700  Power - ok
15:53:24.0510 0700  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:53:24.0510 0700  PptpMiniport - ok
15:53:24.0526 0700  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:53:24.0526 0700  Processor - ok
15:53:24.0557 0700  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:53:24.0557 0700  ProfSvc - ok
15:53:24.0572 0700  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:53:24.0572 0700  ProtectedStorage - ok
15:53:24.0588 0700  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:53:24.0588 0700  Psched - ok
15:53:24.0635 0700  [ F6EA2DCE39F1ACCB2C6C38D61FC79075 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
15:53:24.0650 0700  QBCFMonitorService - ok
15:53:24.0697 0700  [ BAB30D2799754F6EA22F0B9076311793 ] QBFCService     C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
15:53:24.0697 0700  QBFCService - ok
15:53:24.0728 0700  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:53:24.0760 0700  ql2300 - ok
15:53:24.0775 0700  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:53:24.0775 0700  ql40xx - ok
15:53:24.0806 0700  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:53:24.0806 0700  QWAVE - ok
15:53:24.0806 0700  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:53:24.0822 0700  QWAVEdrv - ok
15:53:24.0822 0700  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:53:24.0822 0700  RasAcd - ok
15:53:24.0838 0700  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:53:24.0838 0700  RasAgileVpn - ok
15:53:24.0838 0700  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:53:24.0838 0700  RasAuto - ok
15:53:24.0884 0700  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:53:24.0884 0700  Rasl2tp - ok
15:53:24.0916 0700  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:53:24.0916 0700  RasMan - ok
15:53:24.0931 0700  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:53:24.0931 0700  RasPppoe - ok
15:53:24.0947 0700  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:53:24.0947 0700  RasSstp - ok
15:53:24.0978 0700  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:53:24.0978 0700  rdbss - ok
15:53:24.0994 0700  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:53:24.0994 0700  rdpbus - ok
15:53:25.0009 0700  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:53:25.0009 0700  RDPCDD - ok
15:53:25.0025 0700  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:53:25.0025 0700  RDPENCDD - ok
15:53:25.0040 0700  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:53:25.0040 0700  RDPREFMP - ok
15:53:25.0103 0700  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:53:25.0103 0700  RdpVideoMiniport - ok
15:53:25.0118 0700  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:53:25.0118 0700  RDPWD - ok
15:53:25.0150 0700  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:53:25.0150 0700  rdyboost - ok
15:53:25.0196 0700  [ 89525CC2DBAD44F7199B9CC188B3F9C5 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
15:53:25.0212 0700  RealNetworks Downloader Resolver Service - ok
15:53:25.0228 0700  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:53:25.0228 0700  RemoteAccess - ok
15:53:25.0259 0700  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:53:25.0259 0700  RemoteRegistry - ok
15:53:25.0290 0700  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:53:25.0290 0700  RpcEptMapper - ok
15:53:25.0306 0700  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:53:25.0321 0700  RpcLocator - ok
15:53:25.0321 0700  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:53:25.0337 0700  RpcSs - ok
15:53:25.0337 0700  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:53:25.0337 0700  rspndr - ok
15:53:25.0368 0700  [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:53:25.0368 0700  RTL8167 - ok
15:53:25.0384 0700  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:53:25.0384 0700  SamSs - ok
15:53:25.0415 0700  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:53:25.0415 0700  sbp2port - ok
15:53:25.0430 0700  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:53:25.0430 0700  SCardSvr - ok
15:53:25.0477 0700  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:53:25.0477 0700  scfilter - ok
15:53:25.0524 0700  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:53:25.0524 0700  Schedule - ok
15:53:25.0555 0700  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:53:25.0555 0700  SCPolicySvc - ok
15:53:25.0571 0700  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:53:25.0571 0700  SDRSVC - ok
15:53:25.0633 0700  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
15:53:25.0633 0700  SeaPort - ok
15:53:25.0633 0700  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:53:25.0633 0700  secdrv - ok
15:53:25.0649 0700  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:53:25.0649 0700  seclogon - ok
15:53:25.0664 0700  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:53:25.0664 0700  SENS - ok
15:53:25.0680 0700  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:53:25.0680 0700  SensrSvc - ok
15:53:25.0696 0700  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:53:25.0696 0700  Serenum - ok
15:53:25.0711 0700  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:53:25.0711 0700  Serial - ok
15:53:25.0742 0700  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:53:25.0742 0700  sermouse - ok
15:53:25.0774 0700  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:53:25.0774 0700  SessionEnv - ok
15:53:25.0789 0700  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:53:25.0789 0700  sffdisk - ok
15:53:25.0805 0700  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:53:25.0805 0700  sffp_mmc - ok
15:53:25.0805 0700  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:53:25.0805 0700  sffp_sd - ok
15:53:25.0820 0700  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:53:25.0820 0700  sfloppy - ok
15:53:25.0852 0700  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:53:25.0852 0700  SharedAccess - ok
15:53:25.0867 0700  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:53:25.0867 0700  ShellHWDetection - ok
15:53:25.0883 0700  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:53:25.0883 0700  SiSRaid2 - ok
15:53:25.0883 0700  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:53:25.0898 0700  SiSRaid4 - ok
15:53:25.0898 0700  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:53:25.0914 0700  Smb - ok
15:53:25.0930 0700  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:53:25.0945 0700  SNMPTRAP - ok
15:53:25.0945 0700  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:53:25.0945 0700  spldr - ok
15:53:25.0976 0700  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:53:25.0976 0700  Spooler - ok
15:53:26.0054 0700  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:53:26.0101 0700  sppsvc - ok
15:53:26.0117 0700  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:53:26.0117 0700  sppuinotify - ok
15:53:26.0179 0700  [ 385F416318EE00FED8777C05C7AC86D0 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
15:53:26.0195 0700  SpyHunter 4 Service - ok
15:53:26.0226 0700  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:53:26.0226 0700  srv - ok
15:53:26.0257 0700  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:53:26.0273 0700  srv2 - ok
15:53:26.0288 0700  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:53:26.0288 0700  srvnet - ok
15:53:26.0320 0700  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:53:26.0320 0700  SSDPSRV - ok
15:53:26.0320 0700  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:53:26.0320 0700  SstpSvc - ok
15:53:26.0335 0700  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:53:26.0335 0700  stexstor - ok
15:53:26.0366 0700  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:53:26.0366 0700  stisvc - ok
15:53:26.0382 0700  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:53:26.0382 0700  swenum - ok
15:53:26.0398 0700  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:53:26.0413 0700  swprv - ok
15:53:26.0507 0700  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:53:26.0538 0700  SysMain - ok
15:53:26.0538 0700  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:53:26.0538 0700  TabletInputService - ok
15:53:26.0554 0700  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:53:26.0554 0700  TapiSrv - ok
15:53:26.0569 0700  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:53:26.0569 0700  TBS - ok
15:53:26.0600 0700  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:53:26.0616 0700  Tcpip - ok
15:53:26.0663 0700  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:53:26.0663 0700  TCPIP6 - ok
15:53:26.0694 0700  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:53:26.0694 0700  tcpipreg - ok
15:53:26.0710 0700  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:53:26.0710 0700  TDPIPE - ok
15:53:26.0741 0700  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:53:26.0741 0700  TDTCP - ok
15:53:26.0756 0700  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:53:26.0756 0700  tdx - ok
15:53:26.0772 0700  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:53:26.0772 0700  TermDD - ok
15:53:26.0803 0700  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:53:26.0819 0700  TermService - ok
15:53:26.0850 0700  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:53:26.0866 0700  Themes - ok
15:53:26.0866 0700  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:53:26.0866 0700  THREADORDER - ok
15:53:26.0881 0700  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:53:26.0881 0700  TrkWks - ok
15:53:26.0928 0700  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:53:26.0928 0700  TrustedInstaller - ok
15:53:26.0944 0700  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:53:26.0944 0700  tssecsrv - ok
15:53:26.0990 0700  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:53:26.0990 0700  TsUsbFlt - ok
15:53:27.0006 0700  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:53:27.0006 0700  tunnel - ok
15:53:27.0022 0700  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:53:27.0022 0700  uagp35 - ok
15:53:27.0037 0700  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:53:27.0037 0700  udfs - ok
15:53:27.0053 0700  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:53:27.0053 0700  UI0Detect - ok
15:53:27.0084 0700  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:53:27.0084 0700  uliagpkx - ok
15:53:27.0100 0700  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
15:53:29.0518 0700  ============================================================
15:53:29.0518 0700  Scan finished
15:53:29.0518 0700  ============================================================
15:53:29.0518 1472  Detected object count: 0
15:53:29.0518 1472  Actual detected object count: 0
 

Results of Malwarebytes.  **As you can see, I didn't delete the PUP Software Updater files as they weren't checked.  Should I go back and remove those also?  Actually things seem to be working at the moment, but I got it working once before and it reverted back.  Do you think I'm good to go now? Thanks!

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.25.08

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.7601.17514
Laurie :: LAURIE-HP [administrator]

4/25/2013 4:05:12 PM
mbam-log-2013-04-25 (16-05-12).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 554772
Time elapsed: 55 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 6
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> No action taken.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> No action taken.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> No action taken.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> No action taken.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\Laurie\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> No action taken.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> No action taken.
C:\Users\Laurie\AppData\Local\Temp\D2M-Precheck.exe (Trojan.MSIL) -> Quarantined and deleted successfully.

(end)

 

 

 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:19 AM

Posted 25 April 2013 - 08:06 PM

Hello, your MBAM log shows this: "No action taken."

This may mean you did not select Remove Selected. If so, you need to redo it.

I'd like to run 2 more and see how it is.

 

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections, it will not create a log.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Mystic4


Posted 25 April 2013 - 11:20 PM

Here are the other two.  Thanks!

 

AdwCleaner:

 

# AdwCleaner v2.202 - Logfile created 04/25/2013 at 18:21:20
# Updated 23/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Laurie - LAURIE-HP
# Boot Mode : Normal
# Running from : C:\Users\Laurie\Desktop\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : WajamUpdater

***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Deleted : C:\Users\Donnie\AppData\LocalLow\MyFunCards_5m
Folder Deleted : C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\Laurie\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Laurie\AppData\Local\Wajam
Folder Deleted : C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\RD\AppData\LocalLow\MyFunCards_5m

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [9900 octets] - [25/04/2013 18:21:20]

########## EOF - C:\AdwCleaner[S1].txt - [9960 octets] ##########

 

Eset Online Scanner:

 

C:\Users\Laurie\AppData\Local\Temp\SolidSavings.exe multiple threats cleaned by deleting - quarantined
C:\Users\Laurie\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-us.cab Win32/OpenCandy application deleted - quarantined



#6 boopme


Posted 26 April 2013 - 09:57 AM

How are the original issues now?

#7 Mystic4


Posted 26 April 2013 - 01:00 PM

Everything seems to be working fine.  Am I good to go?  Is there any of this I should do on a regular basis?  Thank you so much!



#8 boopme


Posted 27 April 2013 - 09:39 AM

OK great! Let's see one more quick log and I'll tell you what you need to do.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#9 Mystic4


Posted 27 April 2013 - 10:10 AM

Here you go!  Thanks!

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by Laurie (administrator) on 27-04-2013 at 08:07:33
Running from "C:\Users\Laurie\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Laurie-HP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 1C-65-9D-96-58-2A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card
   Physical Address. . . . . . . . . : 1C-65-9D-96-58-2B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5160:6d0f:81e2:c207%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.101(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, April 25, 2013 6:23:31 PM
   Lease Expires . . . . . . . . . . : Sunday, April 28, 2013 6:16:07 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 236742045
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-36-8A-AF-64-31-50-24-DC-E1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 64-31-50-24-DC-E1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f940:c321:f8b5:3594%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.161(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, April 25, 2013 6:23:26 PM
   Lease Expires . . . . . . . . . . : Sunday, April 28, 2013 6:16:13 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 265586020
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-36-8A-AF-64-31-50-24-DC-E1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{BFFD885C-069F-4608-8CB0-6AC8F405D921}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4F16E45F-0388-463A-9DBD-2D400F073A56}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  2001:4860:4001:803::1002
   74.125.239.130
   74.125.239.135
   74.125.239.129
   74.125.239.137
   74.125.239.133
   74.125.239.132
   74.125.239.131
   74.125.239.134
   74.125.239.128
   74.125.239.142
   74.125.239.136

Pinging google.com [74.125.224.105] with 32 bytes of data:
Reply from 74.125.224.105: bytes=32 time=22ms TTL=53
Reply from 74.125.224.105: bytes=32 time=22ms TTL=53

Ping statistics for 74.125.224.105:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 22ms, Maximum = 22ms, Average = 22ms
Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=321ms TTL=46
Reply from 98.138.253.109: bytes=32 time=187ms TTL=46

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 187ms, Maximum = 321ms, Average = 254ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...1c 65 9d 96 58 2a ......Microsoft Virtual WiFi Miniport Adapter
 12...1c 65 9d 96 58 2b ......802.11n Wireless LAN Card
 11...64 31 50 24 dc e1 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.161     20
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.101     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.161    276
      192.168.0.0    255.255.255.0         On-link     192.168.0.101    281
    192.168.0.101  255.255.255.255         On-link     192.168.0.101    281
    192.168.0.161  255.255.255.255         On-link     192.168.0.161    276
    192.168.0.255  255.255.255.255         On-link     192.168.0.161    276
    192.168.0.255  255.255.255.255         On-link     192.168.0.101    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.161    276
        224.0.0.0        240.0.0.0         On-link     192.168.0.101    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.161    276
  255.255.255.255  255.255.255.255         On-link     192.168.0.101    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 12    281 fe80::/64                On-link
 12    281 fe80::5160:6d0f:81e2:c207/128
                                    On-link
 11    276 fe80::f940:c321:f8b5:3594/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/26/2013 05:42:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8080

Error: (04/26/2013 05:42:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8080

Error: (04/26/2013 05:42:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/26/2013 05:42:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7066

Error: (04/26/2013 05:42:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7066

Error: (04/26/2013 05:42:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/26/2013 05:42:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6068

Error: (04/26/2013 05:42:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6068

Error: (04/26/2013 05:42:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/26/2013 05:42:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5070

System errors:
=============
Error: (04/26/2013 03:52:48 PM) (Source: DCOM) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (04/25/2013 06:23:34 PM) (Source: Service Control Manager) (User: )
Description: The MyFunCardsService service failed to start due to the following error:
%%2

Error: (04/25/2013 06:23:28 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.1 service failed to start due to the following error:
%%2

Error: (04/25/2013 06:23:25 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:22:34 PM on ?4/?25/?2013 was unexpected.

Error: (04/25/2013 06:22:29 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (04/25/2013 06:19:59 PM) (Source: Service Control Manager) (User: )
Description: The WajamUpdater service failed to start due to the following error:
%%2

Error: (04/25/2013 06:19:56 PM) (Source: Service Control Manager) (User: )
Description: The MyFunCardsService service failed to start due to the following error:
%%2

Error: (04/25/2013 06:19:48 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.1 service failed to start due to the following error:
%%2

Error: (04/25/2013 06:18:58 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (04/25/2013 05:11:16 PM) (Source: Service Control Manager) (User: )
Description: The WajamUpdater service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
18 Wheels of Steel - American Long Haul (Version: 2.2.0.95)
18 Wheels of Steel Extreme Trucker (Version: 2.2.0.95)
2007 Microsoft Office system (Version: 12.0.6612.1000)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512)
Adobe AIR (Version: 3.7.0.1530)
Adobe CreatePDF Desktop Printer (Version: 3.1.1)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.169)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
AMD Accelerated Video Transcoding (Version: 12.5.100.20704)
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.877.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0704.122.388)
AMD Media Foundation Decoders (Version: 1.0.70704.0230)
AMD Problem Report Wizard (Version: 3.0.851.0)
AMD VISION Engine Control Center (Version: 2012.0704.122.388)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.609.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blender (Version: 2.59-release)
Bonjour (Version: 3.0.0.10)
Build-a-lot 2 (Version: 2.2.0.95)
Carbonite (Version: 5.3.1 build 2232 (Aug-29-2012))
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0704.122.388)
Catalyst Control Center InstallProxy (Version: 2012.0704.122.388)
Catalyst Control Center Localization All (Version: 2012.0704.122.388)
CCC Help Chinese Standard (Version: 2012.0704.0121.388)
CCC Help Chinese Traditional (Version: 2012.0704.0121.388)
CCC Help Czech (Version: 2012.0704.0121.388)
CCC Help Danish (Version: 2012.0704.0121.388)
CCC Help Dutch (Version: 2012.0704.0121.388)
CCC Help English (Version: 2012.0704.0121.388)
CCC Help Finnish (Version: 2012.0704.0121.388)
CCC Help French (Version: 2012.0704.0121.388)
CCC Help German (Version: 2012.0704.0121.388)
CCC Help Greek (Version: 2012.0704.0121.388)
CCC Help Hungarian (Version: 2012.0704.0121.388)
CCC Help Italian (Version: 2012.0704.0121.388)
CCC Help Japanese (Version: 2012.0704.0121.388)
CCC Help Korean (Version: 2012.0704.0121.388)
CCC Help Norwegian (Version: 2012.0704.0121.388)
CCC Help Polish (Version: 2012.0704.0121.388)
CCC Help Portuguese (Version: 2011.0309.2205.39672)
CCC Help Portuguese (Version: 2012.0704.0121.388)
CCC Help Russian (Version: 2012.0704.0121.388)
CCC Help Spanish (Version: 2012.0704.0121.388)
CCC Help Swedish (Version: 2012.0704.0121.388)
CCC Help Thai (Version: 2012.0704.0121.388)
CCC Help Turkish (Version: 2012.0704.0121.388)
ccc-utility64 (Version: 2012.0704.122.388)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
cleosviproom
Coupon Printer for Windows (Version: 5.0.0.1)
CyberLink DVD Suite Deluxe (Version: 7.0.2823)
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's Carnival Adventure (Version: 2.2.0.95)
DVD Menu Pack for HP MediaSmart Video (Version: 4.1.4030)
Epson Copy Utility 3.5 (Version: 3.5.0.0)
Epson Event Manager (Version: 2.30.01)
EPSON Perfection V30/V300 Photo Scanner Driver Update
EPSON Scan
Escape Rosecliff Island (Version: 2.2.0.95)
ESET Online Scanner v3
FATE (Version: 2.2.0.95)
File Type Assistant
Final Drive Fury (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
FireShot for Internet Explorer
Google Chrome (Version: 26.0.1410.64)
Google Earth (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.135)
GoToMeeting 4.5.0.457
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.2.5)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP MediaSmart DVD (Version: 4.1.4229)
HP MediaSmart Music (Version: 4.1.4301)
HP MediaSmart Photo (Version: 4.1.4211)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (Version: 4.1.4214)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.3.0)
HP Odometer (Version: 2.10.0000)
HP Product Detection (Version: 11.14.0001)
HP Setup (Version: 8.1.4186.3400)
HP Support Assistant (Version: 7.0.39.15)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.1.2.27173)
Hulu Desktop (Version: 0.9.13)
HydraVision (Version: 4.2.218.0)
iCloud (Version: 2.1.2.8)
iTunes (Version: 11.0.2.26)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 31 (Version: 6.0.310)
JavaFX 2.1.0 (Version: 2.1.0)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
join.me (Version: 1.5.2.214)
Junk Mail filter update (Version: 15.4.3502.0922)
Kobo
LabelPrint (Version: 2.5.2823)
LightScribe System Software (Version: 1.18.15.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.5.0)
Movie Theme Pack for HP MediaSmart Video (Version: 4.1.4030)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Norton Online Backup (Version: 2.1.17869)
PDF Complete Special Edition (Version: 3.5.111)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
PictureMover (Version: 3.5.0.28)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
PokerStars.net
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4022)
PowerDirector (Version: 8.0.2906)
PressReader (Version: 5.10.621.0)
QuickBooks Pro 2008 (Version: 18.0.4010.606)
QuickTime (Version: 7.73.80.64)
RealDownloader (Version: 1.3.1)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6196)
RealUpgrade 1.1 (Version: 1.1.0)
Recovery Manager (Version: 5.5.2926)
RoboForm 7-8-8-5 (Version: 7-8-8-5)
Roxio CinemaNow 2.0 (Version: 1.0.284)
Safari (Version: 5.34.57.2)
Serif PhotoPlus X3 (Version: 13.0.2.012)
ShopAtHome.com Helper (Version: 7.0.1.0)
ShopAtHome.com Toolbar (Version: 7.0.1.0)
SpyHunter (Version: 4.12.13.4202)
SupportSoft Assisted Service (Version: 15)
swMSM (Version: 12.0.0.1)
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
WebEx
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (HP Games) (Version: 4.0.10.5)
WildTangent Games App (Version: 4.0.9.7)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Software Update
Yahoo! Toolbar
YNAB 3 (Version: 3.6.0)
YNAB 3 (Version: 3.6.0.5)
Zinio Reader 4 (Version: 4.0.2811)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 5887.29 MB
Available physical RAM: 4434.72 MB
Total Pagefile: 11772.75 MB
Available Pagefile: 9394.37 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.09 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:919.33 GB) (Free:850.62 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:12.08 GB) (Free:1.48 GB) NTFS

========================= Users: ========================================

User accounts for \\LAURIE-HP

Admin Testing            Administrator            Donnie                  
Guest                    Laurie                   RD                      

**** End of log ****



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:12:19 AM

Posted 27 April 2013 - 07:01 PM

OK, please remove these; older versions are exploitable.

Yahoo! Toolbar, unless you like and use it.

Java 7 Update 15 (Version: 7.0.150)
Java™ 6 Update 31 (Version: 6.0.310)

Reboot

Install Version 7 Update 21

Now update to Adobe Reader XI

I would keep and run MBAM every week after updating.

I would also run ADWcleaner weekly. This needs to be downloaded again to get the newest.

Should you remove the PUPs (means Potentially Unwanted Program)

\SwvUpdater belongs to http://www.amonetize.com/

Looks like spyware ... I'd dump it.

In fact the amiupda is also tied to it so remove them all.

Now you should Create a New Restore Point (alternate method) to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll back" to a clean working state.

The easiest and safest way to do this is:

  • Go to Start > All Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.

Then use Disk Cleanup to remove all but the newly created Restore Point.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
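The review of the "Installed Programs" list described in the reply above can be scripted. The following is an added example, not part of the thread or of any tool mentioned in it: it parses lines in the log's `Name (Version: x)` format and flags Java and Adobe Reader entries older than the versions the reply names. The sample lines are constructed from the log format, and the rule table, function names and the `7.0.210` encoding of Java 7 Update 21 (following the log's `7.0.150` for Update 15) are assumptions.

```python
import re

# Constructed sample in the format of the "Installed Programs" log section.
SAMPLE_LOG = """\
Adobe Reader X (10.1.6) (Version: 10.1.6)
Carbonite (Version: 5.3.1 build 2232 (Aug-29-2012))
Google Chrome (Version: 26.0.1410.64)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 31 (Version: 6.0.310)
JavaFX 2.1.0 (Version: 2.1.0)
Unity Web Player (Version: )
Yahoo! Toolbar
"""

JAVA_ADVICE = "remove, then install Java 7 Update 21"
READER_ADVICE = "update to Adobe Reader XI"

# Hypothetical rule table: (name pattern, minimum acceptable version, advice).
# Minimums come from the reply: Java 7 Update 21 and Adobe Reader XI (11.x).
RULES = [
    (re.compile(r"^Java(?:\(TM\)|™)? \d+ Update \d+$"), (7, 0, 210), JAVA_ADVICE),
    (re.compile(r"^Adobe Reader\b"), (11,), READER_ADVICE),
]

# The name is matched lazily so that a name containing parentheses, such as
# "Adobe Reader X (10.1.6)", stays intact; the version field is matched
# greedily so nested parentheses in it do not break the match.
ENTRY_RE = re.compile(r"^(?P<name>.+?)\s*\(Version:\s*(?P<ver>.*)\)\s*$")


def parse_entry(line):
    """Return (name, version_tuple_or_None) for one log line, or None if blank."""
    line = line.strip()
    if not line:
        return None
    match = ENTRY_RE.match(line)
    if not match:
        # Entries such as "Yahoo! Toolbar" carry no version field at all.
        return line, None
    # Keep only the leading dotted number; ignore text like "build 2232".
    number = re.match(r"\d+(?:\.\d+)*", match.group("ver").strip())
    version = tuple(int(p) for p in number.group(0).split(".")) if number else None
    return match.group("name"), version


def audit(log_text):
    """Return [(name, version_string_or_None, advice)] for outdated entries."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        name, version = entry
        for pattern, minimum, advice in RULES:
            if not pattern.search(name):
                continue
            if version is None:
                findings.append((name, None, "version not recorded, check manually"))
            elif version < minimum:
                findings.append((name, ".".join(map(str, version)), advice))
            break
    return findings


if __name__ == "__main__":
    for name, version, advice in audit(SAMPLE_LOG):
        print(f"{name} [{version}]: {advice}")
```
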

#11 Mystic4

Mystic4
  • Topic Starter

  • Members
  • 10 posts
  • Local time:09:19 PM

Posted 27 April 2013 - 09:15 PM

Before I go any farther, I can't seem to delete the Yahoo toolbar.  I click on it under add/remove programs and click uninstall and nothing happens.  When I click uninstall again I get this message - "Please wait until the current program is finished uninstalling or being changed."  I can't seem to find it anywhere else.  It's not under View - Toolbars.  Is there somewhere else I can go to delete it or make sure it's removed?  I did try rebooting and didn't open any browsers and it still shows under installed programs, but it won't remove.

 

Also, I'm not really sure where to find out if these are still on my computer.  I did go back and run the malwares again after the first time you had me do it and deleted all the PUPs files.  I don't know what the amiupda is. 

 

Should you remove the PUPs (means Potentially Unwanted Program)

\SwvUpdater belongs to http://www.amonetize.com/

Looks like spyware ... I'd dump it.

In fact the amiupda is also tied to it so remove them  all.

 

Thank you!



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:12:19 AM

Posted 27 April 2013 - 10:19 PM

HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> No action taken.
 
AmiUpdate.net, working in partnership with Hyperion Entertainment CVBA
Again looks like adware..
You deleted them in the first scan then.
 
If using Firefox see How do I remove Yahoo tool bar?

In Internet Explorer, try
Revo Uninstaller:
1. Please download Revo Uninstaller
2. Extract the ZIP file to a folder and run revouninstaller.exe from there! (You can copy that folder to a USB mass storage drive and use it without any installation required!)
3. There are two ways to uninstall programs with Revo Uninstaller:
Important: Please try to close the application you want to uninstall first!
  • Select the application in the list of installed applications and press the Uninstall button in the toolbar.
  • Right-click the application and click the Uninstall command in the displayed menu. Follow the instructions.



#13 Mystic4

Mystic4
  • Topic Starter

  • Members
  • 10 posts
  • Local time:09:19 PM

Posted 27 April 2013 - 11:12 PM

All done!  Everything seems to be working fine!  Am I good to go?  If so, I can't thank you enough! 



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:12:19 AM

Posted 27 April 2013 - 11:35 PM

If you created the new restore point, then we're done. Thanks for visiting us!



#15 Mystic4

Mystic4
  • Topic Starter

  • Members
  • 10 posts
  • Local time:09:19 PM

Posted 01 May 2013 - 10:58 PM

I'm back to where I was again!  Bummer!  Everything was working so well.  Do I repeat the above process or do I use the restore point that I created?  Thanks!





