I have SOMETHING going on....help


11 replies to this topic

#1 kowgrl

Posted 15 May 2013 - 08:36 AM

I have no idea what sort of virus this is...but it is making me crazy! For about two weeks now, it sounds as if a "commercial" is playing thru my speakers even if the internet is not open on my screen. There are never any pictures displayed, just the sound. It has been audio about Credit Reports, and Insurance Companies.....it started off as snippets of bleed thru but now is the full sound.

 

I have Norton 360 running and have also run Malwarebytes AntiMalware and SUPER AntiSpyware with no luck.  I will post the log from the SUPER AntiSpyware below.  I am currently re-running the Malwarebytes to see if it catches anything and will post the log after it finishes.  Anyone have any idea "what" I got???

 

 

 

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/14/2013 at 02:25 PM

Application Version : 5.6.1018

Core Rules Database Version : 10396
Trace Rules Database Version: 8208

Scan type       : Complete Scan
Total Scan Time : 01:41:57

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 586
Memory threats detected   : 0
Registry items scanned    : 71359
Registry threats detected : 0
File items scanned        : 151748
File threats detected     : 97

Adware.Tracking Cookie
 

 




 


#2 boopme

Posted 15 May 2013 - 09:14 AM

Welcome kowgrl

 

Let's run these and see how it is after.

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

 

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

 

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

>>>>>

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
 
Do not change the default options on scan results.

 

 

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

NOTE: Sometimes if ESET finds no infections it will not create a log.



#3 kowgrl

Posted 16 May 2013 - 11:26 AM

Thanks...here is the result.txt from the minitoolbox

MiniToolBox by Farbar  Version:21-04-2013
Ran by King (administrator) on 16-05-2013 at 12:17:19
Running from "C:\Users\King\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : King-HP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.pa.comcast.net.

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 38-60-77-A8-5D-8F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b2:d3fe:1e8:66ed%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, May 14, 2013 8:21:49 AM
   Lease Expires . . . . . . . . . . : Friday, May 17, 2013 9:06:11 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 283142549
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-7A-A4-34-38-60-77-A8-5D-8F
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.pa.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  75.75.75.75

Name:    google.com
Addresses:  2607:f8b0:4006:803::1001
      173.194.43.0
      173.194.43.3
      173.194.43.7
      173.194.43.4
      173.194.43.9
      173.194.43.14
      173.194.43.8
      173.194.43.1
      173.194.43.2
      173.194.43.6
      173.194.43.5


Pinging google.com [74.125.226.224] with 32 bytes of data:
Reply from 74.125.226.224: bytes=32 time=13ms TTL=55
Reply from 74.125.226.224: bytes=32 time=13ms TTL=55

Ping statistics for 74.125.226.224:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 13ms, Maximum = 13ms, Average = 13ms
Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=858ms TTL=49
Reply from 206.190.36.45: bytes=32 time=884ms TTL=49

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 858ms, Maximum = 884ms, Average = 871ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...38 60 77 a8 5d 8f ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.105     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.105    276
    192.168.1.105  255.255.255.255         On-link     192.168.1.105    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.105    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.105    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.105    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    276 fe80::/64                On-link
 13    276 fe80::b2:d3fe:1e8:66ed/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/16/2013 05:11:04 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000016129
Faulting process id: 0xeb4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (05/15/2013 05:25:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: Flash64_11_7_700_202.ocx, version: 11.7.700.202, time stamp: 0x51801ccd
Exception code: 0xc0000005
Fault offset: 0x000000000024e598
Faulting process id: 0x19d4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (05/15/2013 09:13:16 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: MSHTML.dll, version: 10.0.9200.16540, time stamp: 0x5125e87b
Exception code: 0xc0000005
Fault offset: 0x00000000005fc381
Faulting process id: 0x1cc
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (05/14/2013 10:58:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13042

Error: (05/14/2013 10:58:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13042

Error: (05/14/2013 10:58:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/14/2013 10:58:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12044

Error: (05/14/2013 10:58:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12044

Error: (05/14/2013 10:58:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/14/2013 10:58:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11045


System errors:
=============
Error: (05/16/2013 00:11:27 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (05/16/2013 05:12:58 AM) (Source: Service Control Manager) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly.  It has done this 3 time(s).

Error: (05/16/2013 05:12:58 AM) (Source: Service Control Manager) (User: )
Description: The Themes service terminated unexpectedly.  It has done this 3 time(s).

Error: (05/16/2013 05:12:58 AM) (Source: Service Control Manager) (User: )
Description: The Shell Hardware Detection service terminated unexpectedly.  It has done this 3 time(s).

Error: (05/16/2013 05:12:58 AM) (Source: Service Control Manager) (User: )
Description: The System Event Notification Service service terminated unexpectedly.  It has done this 3 time(s).

Error: (05/16/2013 05:12:58 AM) (Source: Service Control Manager) (User: )
Description: The Task Scheduler service terminated unexpectedly.  It has done this 3 time(s).

Error: (05/16/2013 05:12:58 AM) (Source: Service Control Manager) (User: )
Description: The User Profile Service service terminated unexpectedly.  It has done this 3 time(s).

Error: (05/16/2013 05:12:58 AM) (Source: Service Control Manager) (User: )
Description: The Server service terminated unexpectedly.  It has done this 3 time(s).

Error: (05/16/2013 05:12:58 AM) (Source: Service Control Manager) (User: )
Description: The IP Helper service terminated unexpectedly.  It has done this 3 time(s).

Error: (05/16/2013 05:12:58 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 3 time(s).


Microsoft Office Sessions:
=========================
Error: (05/16/2013 05:11:04 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1unknown0.0.0.000000000c00000050000000000016129eb401ce51b3015c6f05C:\Windows\system32\svchost.exeunknown886bd493-be08-11e2-b1d8-386077a85d8f

Error: (05/15/2013 05:25:17 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1Flash64_11_7_700_202.ocx11.7.700.20251801ccdc0000005000000000024e59819d401ce516eb4ac8429C:\Windows\system32\svchost.exeC:\Windows\system32\Macromed\Flash\Flash64_11_7_700_202.ocxefa88f84-bda5-11e2-b1d8-386077a85d8f

Error: (05/15/2013 09:13:16 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1MSHTML.dll10.0.9200.165405125e87bc000000500000000005fc3811cc01ce509d9a5a2164C:\Windows\system32\svchost.exeC:\Windows\system32\MSHTML.dll33bb29ad-bd61-11e2-b1d8-386077a85d8f

Error: (05/14/2013 10:58:37 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13042

Error: (05/14/2013 10:58:37 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13042

Error: (05/14/2013 10:58:37 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/14/2013 10:58:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12044

Error: (05/14/2013 10:58:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12044

Error: (05/14/2013 10:58:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/14/2013 10:58:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11045


CodeIntegrity Errors:
===================================
  Date: 2013-05-16 12:04:00.116
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-16 09:44:20.925
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-16 09:34:43.691
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-16 09:15:41.048
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-16 08:59:16.637
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-16 07:24:20.161
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-16 06:56:50.405
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-16 06:41:25.294
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-16 06:20:46.939
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-16 05:53:51.419
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Bejeweled 3 (Version: 2.2.0.97)
Bing Bar (Version: 7.1.391.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.97)
Blio (Version: 2.2.6699)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.97)
Cake Mania (Version: 2.2.0.95)
Chronicles of Albian (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Cradle of Rome 2 (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diablo III (Version: 1.0.7.15295)
Drivers Install For Linksys Easylink Advisor (Version: 2.0.9)
Epson Event Manager (Version: 2.40.0000)
EPSON NX125 NX127 Series Printer Uninstall
EPSON Scan
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.97)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.2.5)
HP LinkUp (Version: 2.01.028)
HP MovieStore (Version: 1.0.057)
HP MovieStore (Version: 2.0)
HP Odometer (Version: 2.10.0000)
HP Setup (Version: 8.7.4747.3786)
HP Setup Manager (Version: 1.1.13880.3792)
HP Support Assistant (Version: 7.0.39.15)
HP Support Information (Version: 10.1.1000)
HP Update (Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.9.0.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2291)
iTunes (Version: 11.0.2.26)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Jewel Quest: The Sleepless Star - Collector's Edition (Version: 2.2.0.95)
join.me (Version: 1.9.0.133)
Joint Operations: Escalation (Version: 1.00.0000)
Joint Operations: Typhoon Rising (Version: 1.00.0000)
Junk Mail filter update (Version: 15.4.3502.0922)
KeePass Password Safe 1.21 (Version: 1.21)
Kobo (Version: 1.6)
LabelPrint (Version: 2.5.3925)
Linksys EasyLink Advisor 1.6 (0032)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mathematics (Version: 4.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery of Mortlake Mansion (Version: 2.2.0.97)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
Norton 360 (Version: 20.3.1.22)
Norton Online Backup (Version: 2.1.17869)
PDF Complete Special Edition (Version: 4.0.54)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.5331)
PressReader (Version: 5.10.1217.0)
PunkBuster for Joint Operations: Typhoon Rising (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6378)
Recovery Manager (Version: 5.5.0.4320)
Remote Graphics Receiver (Version: 5.4.5)
RoxioNow Player (Version: 1.9.5.103)
Slingo Supreme (Version: 2.2.0.97)
SUPERAntiSpyware (Version: 5.6.1018)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands (Version: 2.2.0.97)
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
WildTangent Games App (HP Games) (Version: 4.0.10.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WModem Driver Installer (Version: 2.0.6.9)
Zinio Reader 4 (Version: 4.2.4164)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 4002.53 MB
Available physical RAM: 1045.92 MB
Total Pagefile: 8003.24 MB
Available Pagefile: 2063.48 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.18 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:919.91 GB) (Free:841.86 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.5 GB) (Free:1.41 GB) NTFS

========================= Users: ========================================

User accounts for \\KING-HP

Administrator            Guest                    King                     


**** End of log ****
 



#4 kowgrl

  • Topic Starter

Posted 16 May 2013 - 11:38 AM

And here is the TDSS file

 

12:29:06.0995 13980  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:29:09.0023 13980  ============================================================
12:29:09.0023 13980  Current date / time: 2013/05/16 12:29:09.0023
12:29:09.0023 13980  SystemInfo:
12:29:09.0023 13980  
12:29:09.0023 13980  OS Version: 6.1.7601 ServicePack: 1.0
12:29:09.0023 13980  Product type: Workstation
12:29:09.0023 13980  ComputerName: KING-HP
12:29:09.0023 13980  UserName: King
12:29:09.0023 13980  Windows directory: C:\Windows
12:29:09.0023 13980  System windows directory: C:\Windows
12:29:09.0023 13980  Running under WOW64
12:29:09.0023 13980  Processor architecture: Intel x64
12:29:09.0023 13980  Number of processors: 2
12:29:09.0023 13980  Page size: 0x1000
12:29:09.0023 13980  Boot type: Normal boot
12:29:09.0023 13980  ============================================================
12:29:11.0800 13980  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:29:11.0847 13980  ============================================================
12:29:11.0847 13980  \Device\Harddisk0\DR0:
12:29:11.0847 13980  MBR partitions:
12:29:11.0847 13980  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:29:11.0847 13980  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72FD1000
12:29:11.0847 13980  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x73003800, BlocksNum 0x1702800
12:29:11.0847 13980  ============================================================
12:29:11.0878 13980  C: <-> \Device\Harddisk0\DR0\Partition2
12:29:12.0065 13980  D: <-> \Device\Harddisk0\DR0\Partition3
12:29:12.0096 13980  ============================================================
12:29:12.0096 13980  Initialize success
12:29:12.0096 13980  ============================================================
12:29:16.0745 11588  ============================================================
12:29:16.0745 11588  Scan started
12:29:16.0745 11588  Mode: Manual;
12:29:16.0745 11588  ============================================================
12:29:18.0570 11588  ================ Scan system memory ========================
12:29:18.0570 11588  System memory - ok
12:29:18.0586 11588  ================ Scan services =============================
12:29:25.0154 11588  GEARAspiWDM - ok
12:29:25.0185 11588  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
12:29:25.0200 11588  gpsvc - ok
12:29:25.0263 11588  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:29:25.0278 11588  hcw85cir - ok
12:29:25.0310 11588  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:29:25.0325 11588  HdAudAddService - ok
12:29:25.0356 11588  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:29:25.0372 11588  HDAudBus - ok
12:29:25.0388 11588  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:29:25.0403 11588  HidBatt - ok
12:29:25.0419 11588  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:29:25.0434 11588  HidBth - ok
12:29:25.0466 11588  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:29:25.0466 11588  HidIr - ok
12:29:25.0497 11588  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
12:29:25.0497 11588  hidserv - ok
12:29:25.0528 11588  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:29:25.0544 11588  HidUsb - ok
12:29:25.0575 11588  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:29:25.0575 11588  hkmsvc - ok
12:29:25.0590 11588  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:29:25.0606 11588  HomeGroupListener - ok
12:29:25.0637 11588  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:29:25.0637 11588  HomeGroupProvider - ok
12:29:25.0840 11588  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
12:29:25.0840 11588  HP Support Assistant Service - ok
12:29:25.0871 11588  [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
12:29:25.0887 11588  HPClientSvc - ok
12:29:25.0934 11588  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
12:29:25.0949 11588  hpqwmiex - ok
12:29:25.0980 11588  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:29:25.0996 11588  HpSAMD - ok
12:29:26.0027 11588  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:29:26.0058 11588  HTTP - ok
12:29:26.0090 11588  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:29:26.0090 11588  hwpolicy - ok
12:29:26.0121 11588  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:29:26.0121 11588  i8042prt - ok
12:29:26.0152 11588  [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
12:29:26.0168 11588  iaStor - ok
12:29:26.0199 11588  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:29:26.0214 11588  iaStorV - ok
12:29:26.0277 11588  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:29:26.0292 11588  idsvc - ok
12:29:26.0355 11588  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130515.001\IDSvia64.sys
12:29:26.0370 11588  IDSVia64 - ok
12:29:26.0667 11588  [ EFE5A0AF39A8E179624117C521F1E012 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
12:29:26.0823 11588  igfx - ok
12:29:26.0885 11588  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:29:26.0885 11588  iirsp - ok
12:29:26.0948 11588  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
12:29:26.0963 11588  IKEEXT - ok
12:29:27.0057 11588  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
12:29:27.0057 11588  Impcd - ok
12:29:27.0150 11588  [ C7124DA48E557D8F88D0D7F1254557F4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:29:27.0197 11588  IntcAzAudAddService - ok
12:29:27.0228 11588  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
12:29:27.0228 11588  intelide - ok
12:29:27.0291 11588  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
12:29:27.0291 11588  intelppm - ok
12:29:27.0338 11588  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:29:27.0338 11588  IPBusEnum - ok
12:29:27.0384 11588  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:29:27.0384 11588  IpFilterDriver - ok
12:29:27.0431 11588  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:29:27.0447 11588  iphlpsvc - ok
12:29:27.0478 11588  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:29:27.0494 11588  IPMIDRV - ok
12:29:27.0525 11588  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:29:27.0525 11588  IPNAT - ok
12:29:27.0603 11588  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:29:27.0618 11588  iPod Service - ok
12:29:27.0681 11588  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:29:27.0681 11588  IRENUM - ok
12:29:27.0728 11588  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:29:27.0728 11588  isapnp - ok
12:29:27.0774 11588  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:29:27.0790 11588  iScsiPrt - ok
12:29:27.0821 11588  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:29:27.0837 11588  kbdclass - ok
12:29:27.0868 11588  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:29:27.0868 11588  kbdhid - ok
12:29:27.0899 11588  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
12:29:27.0915 11588  KeyIso - ok
12:29:27.0946 11588  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:29:27.0962 11588  KSecDD - ok
12:29:28.0008 11588  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:29:28.0008 11588  KSecPkg - ok
12:29:28.0055 11588  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:29:28.0055 11588  ksthunk - ok
12:29:28.0102 11588  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:29:28.0118 11588  KtmRm - ok
12:29:28.0164 11588  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:29:28.0180 11588  LanmanServer - ok
12:29:28.0227 11588  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:29:28.0227 11588  LanmanWorkstation - ok
12:29:28.0320 11588  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:29:28.0320 11588  lltdio - ok
12:29:28.0367 11588  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:29:28.0367 11588  lltdsvc - ok
12:29:28.0414 11588  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:29:28.0414 11588  lmhosts - ok
12:29:28.0508 11588  [ D75C4B4A8FE6D7FD74A7EECDBAEC729F ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:29:28.0523 11588  LMS - ok
12:29:28.0586 11588  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:29:28.0586 11588  LSI_FC - ok
12:29:28.0632 11588  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:29:28.0632 11588  LSI_SAS - ok
12:29:28.0664 11588  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:29:28.0679 11588  LSI_SAS2 - ok
12:29:28.0710 11588  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:29:28.0710 11588  LSI_SCSI - ok
12:29:28.0757 11588  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
12:29:28.0773 11588  luafv - ok
12:29:28.0788 11588  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:29:28.0804 11588  Mcx2Svc - ok
12:29:28.0851 11588  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:29:28.0866 11588  megasas - ok
12:29:28.0929 11588  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:29:28.0944 11588  MegaSR - ok
12:29:28.0976 11588  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
12:29:28.0991 11588  MEIx64 - ok
12:29:29.0038 11588  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
12:29:29.0038 11588  MMCSS - ok
12:29:29.0054 11588  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
12:29:29.0069 11588  Modem - ok
12:29:29.0085 11588  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:29:29.0085 11588  monitor - ok
12:29:29.0100 11588  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:29:29.0116 11588  mouclass - ok
12:29:29.0163 11588  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:29:29.0163 11588  mouhid - ok
12:29:29.0194 11588  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:29:29.0194 11588  mountmgr - ok
12:29:29.0288 11588  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:29:29.0288 11588  MozillaMaintenance - ok
12:29:29.0334 11588  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:29:29.0350 11588  mpio - ok
12:29:29.0381 11588  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:29:29.0381 11588  mpsdrv - ok
12:29:29.0444 11588  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:29:29.0459 11588  MpsSvc - ok
12:29:29.0475 11588  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:29:29.0475 11588  MRxDAV - ok
12:29:29.0506 11588  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:29:29.0522 11588  mrxsmb - ok
12:29:29.0537 11588  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:29:29.0553 11588  mrxsmb10 - ok
12:29:29.0568 11588  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:29:29.0600 11588  mrxsmb20 - ok
12:29:29.0615 11588  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:29:29.0615 11588  msahci - ok
12:29:29.0646 11588  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:29:29.0662 11588  msdsm - ok
12:29:29.0678 11588  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
12:29:29.0693 11588  MSDTC - ok
12:29:29.0724 11588  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:29:29.0724 11588  Msfs - ok
12:29:29.0756 11588  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:29:29.0771 11588  mshidkmdf - ok
12:29:29.0802 11588  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:29:29.0802 11588  msisadrv - ok
12:29:29.0834 11588  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:29:29.0849 11588  MSiSCSI - ok
12:29:29.0849 11588  msiserver - ok
12:29:29.0896 11588  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:29:29.0896 11588  MSKSSRV - ok
12:29:29.0912 11588  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:29:29.0927 11588  MSPCLOCK - ok
12:29:29.0943 11588  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:29:29.0958 11588  MSPQM - ok
12:29:29.0974 11588  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:29:29.0990 11588  MsRPC - ok
12:29:30.0021 11588  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:29:30.0021 11588  mssmbios - ok
12:29:30.0114 11588  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:29:30.0130 11588  MSTEE - ok
12:29:30.0146 11588  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:29:30.0161 11588  MTConfig - ok
12:29:30.0224 11588  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:29:30.0224 11588  Mup - ok
12:29:30.0317 11588  [ 241BD3019FB31E812A51B31B06906335 ] N360            C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
12:29:30.0317 11588  N360 - ok
12:29:30.0364 11588  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
12:29:30.0380 11588  napagent - ok
12:29:30.0426 11588  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:29:30.0426 11588  NativeWifiP - ok
12:29:30.0505 11588  [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130515.023\ENG64.SYS
12:29:30.0567 11588  NAVENG - ok
12:29:30.0629 11588  [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130515.023\EX64.SYS
12:29:30.0661 11588  NAVEX15 - ok
12:29:30.0723 11588  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:29:30.0785 11588  NDIS - ok
12:29:30.0863 11588  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:29:30.0879 11588  NdisCap - ok
12:29:30.0910 11588  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:29:30.0910 11588  NdisTapi - ok
12:29:30.0941 11588  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:29:30.0941 11588  Ndisuio - ok
12:29:30.0957 11588  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:29:30.0973 11588  NdisWan - ok
12:29:30.0988 11588  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:29:30.0988 11588  NDProxy - ok
12:29:31.0019 11588  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:29:31.0019 11588  NetBIOS - ok
12:29:31.0051 11588  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:29:31.0051 11588  NetBT - ok
12:29:31.0082 11588  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
12:29:31.0082 11588  Netlogon - ok
12:29:31.0129 11588  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
12:29:31.0144 11588  Netman - ok
12:29:31.0175 11588  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:31.0175 11588  NetMsmqActivator - ok
12:29:31.0191 11588  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:31.0207 11588  NetPipeActivator - ok
12:29:31.0238 11588  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
12:29:31.0253 11588  netprofm - ok
12:29:31.0269 11588  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:31.0269 11588  NetTcpActivator - ok
12:29:31.0285 11588  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:31.0285 11588  NetTcpPortSharing - ok
12:29:31.0316 11588  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:29:31.0331 11588  nfrd960 - ok
12:29:31.0347 11588  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:29:31.0363 11588  NlaSvc - ok
12:29:31.0487 11588  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
12:29:31.0519 11588  NOBU - ok
12:29:31.0597 11588  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:29:31.0612 11588  Npfs - ok
12:29:31.0659 11588  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
12:29:31.0659 11588  nsi - ok
12:29:31.0675 11588  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:29:31.0690 11588  nsiproxy - ok
12:29:31.0768 11588  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:29:31.0784 11588  Ntfs - ok
12:29:31.0815 11588  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
12:29:31.0815 11588  Null - ok
12:29:31.0846 11588  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:29:31.0846 11588  nvraid - ok
12:29:31.0893 11588  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:29:31.0893 11588  nvstor - ok
12:29:31.0940 11588  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:29:31.0955 11588  nv_agp - ok
12:29:31.0987 11588  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:29:31.0987 11588  ohci1394 - ok
12:29:32.0065 11588  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:29:32.0065 11588  ose - ok
12:29:32.0189 11588  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:29:32.0299 11588  osppsvc - ok
12:29:32.0345 11588  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:29:32.0345 11588  p2pimsvc - ok
12:29:32.0392 11588  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:29:32.0392 11588  p2psvc - ok
12:29:32.0439 11588  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
12:29:32.0455 11588  Parport - ok
12:29:32.0486 11588  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:29:32.0486 11588  partmgr - ok
12:29:32.0533 11588  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:29:32.0533 11588  PcaSvc - ok
12:29:32.0564 11588  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
12:29:32.0564 11588  pci - ok
12:29:32.0611 11588  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
12:29:32.0611 11588  pciide - ok
12:29:32.0642 11588  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:29:32.0642 11588  pcmcia - ok
12:29:32.0689 11588  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:29:32.0689 11588  pcw - ok
12:29:32.0735 11588  pdfcDispatcher - ok
12:29:32.0782 11588  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:29:32.0829 11588  PEAUTH - ok
12:29:32.0923 11588  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:29:32.0923 11588  PerfHost - ok
12:29:33.0032 11588  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
12:29:33.0047 11588  pla - ok
12:29:33.0079 11588  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:29:33.0094 11588  PlugPlay - ok
12:29:33.0125 11588  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:29:33.0141 11588  PNRPAutoReg - ok
12:29:33.0203 11588  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:29:33.0219 11588  PNRPsvc - ok
12:29:33.0266 11588  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:29:33.0281 11588  PolicyAgent - ok
12:29:33.0344 11588  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
12:29:33.0344 11588  Power - ok
12:29:33.0391 11588  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:29:33.0391 11588  PptpMiniport - ok
12:29:33.0422 11588  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
12:29:33.0437 11588  Processor - ok
12:29:33.0484 11588  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:29:33.0484 11588  ProfSvc - ok
12:29:33.0515 11588  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:29:33.0531 11588  ProtectedStorage - ok
12:29:33.0562 11588  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:29:33.0593 11588  Psched - ok
12:29:33.0652 11588  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:29:33.0721 11588  ql2300 - ok
12:29:33.0752 11588  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:29:33.0768 11588  ql40xx - ok
12:29:33.0815 11588  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
12:29:33.0830 11588  QWAVE - ok
12:29:33.0861 11588  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:29:33.0861 11588  QWAVEdrv - ok
12:29:33.0893 11588  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:29:33.0893 11588  RasAcd - ok
12:29:33.0924 11588  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:29:33.0924 11588  RasAgileVpn - ok
12:29:33.0971 11588  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
12:29:33.0971 11588  RasAuto - ok
12:29:34.0017 11588  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:29:34.0017 11588  Rasl2tp - ok
12:29:34.0049 11588  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
12:29:34.0095 11588  RasMan - ok
12:29:34.0142 11588  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:29:34.0142 11588  RasPppoe - ok
12:29:34.0189 11588  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:29:34.0189 11588  RasSstp - ok
12:29:34.0236 11588  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:29:34.0236 11588  rdbss - ok
12:29:34.0283 11588  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
12:29:34.0283 11588  rdpbus - ok
12:29:34.0314 11588  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:29:34.0329 11588  RDPCDD - ok
12:29:34.0376 11588  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:29:34.0376 11588  RDPENCDD - ok
12:29:34.0423 11588  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:29:34.0439 11588  RDPREFMP - ok
12:29:34.0470 11588  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:29:34.0501 11588  RDPWD - ok
12:29:34.0563 11588  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:29:34.0563 11588  rdyboost - ok
12:29:34.0610 11588  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:29:34.0626 11588  RemoteAccess - ok
12:29:34.0641 11588  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:29:34.0641 11588  RemoteRegistry - ok
12:29:34.0719 11588  [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
12:29:34.0719 11588  RoxioNow Service - ok
12:29:34.0766 11588  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:29:34.0797 11588  RpcEptMapper - ok
12:29:34.0844 11588  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
12:29:34.0860 11588  RpcLocator - ok
12:29:34.0891 11588  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
12:29:34.0907 11588  RpcSs - ok
12:29:34.0938 11588  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:29:34.0953 11588  rspndr - ok
12:29:35.0000 11588  [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:29:35.0000 11588  RTL8167 - ok
12:29:35.0031 11588  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
12:29:35.0031 11588  SamSs - ok
12:29:35.0094 11588  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:29:35.0094 11588  SASDIFSV - ok
12:29:35.0125 11588  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:29:35.0141 11588  SASKUTIL - ok
12:29:35.0172 11588  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:29:35.0172 11588  sbp2port - ok
12:29:35.0219 11588  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:29:35.0219 11588  SCardSvr - ok
12:29:35.0265 11588  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:29:35.0281 11588  scfilter - ok
12:29:35.0312 11588  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
12:29:35.0328 11588  Schedule - ok
12:29:35.0375 11588  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:29:35.0375 11588  SCPolicySvc - ok
12:29:35.0406 11588  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:29:35.0421 11588  SDRSVC - ok
12:29:35.0453 11588  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:29:35.0468 11588  secdrv - ok
12:29:35.0515 11588  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
12:29:35.0531 11588  seclogon - ok
12:29:35.0562 11588  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
12:29:35.0577 11588  SENS - ok
12:29:35.0609 11588  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:29:35.0609 11588  SensrSvc - ok
12:29:35.0655 11588  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:29:35.0687 11588  Serenum - ok
12:29:42.0656 11588  ================ Scan global ===============================
12:29:42.0687 11588  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:29:42.0718 11588  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:29:42.0734 11588  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:29:42.0765 11588  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:29:42.0796 11588  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:29:42.0796 11588  [Global] - ok
12:29:42.0812 11588  ================ Scan MBR ==================================
12:29:42.0827 11588  [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk0\DR0
12:29:42.0843 11588  Suspicious mbr (Forged): \Device\Harddisk0\DR0
12:29:42.0890 11588  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
12:29:42.0890 11588  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
12:29:42.0905 11588  ================ Scan VBR ==================================
12:29:42.0905 11588  [ 331051BDC31E897281E0B675EB58838B ] \Device\Harddisk0\DR0\Partition1
12:29:42.0905 11588  \Device\Harddisk0\DR0\Partition1 - ok
12:29:42.0968 11588  [ 3FEC4CDD48EF0B4CFE3B47F021D805F0 ] \Device\Harddisk0\DR0\Partition2
12:29:42.0968 11588  \Device\Harddisk0\DR0\Partition2 - ok
12:29:43.0014 11588  [ 4B4BAD846310B2C153AEBDDEB11EA7A1 ] \Device\Harddisk0\DR0\Partition3
12:29:43.0030 11588  \Device\Harddisk0\DR0\Partition3 - ok
12:29:43.0030 11588  ============================================================
12:29:43.0030 11588  Scan finished
12:29:43.0030 11588  ============================================================
12:29:43.0061 17756  Detected object count: 1
12:29:43.0061 17756  Actual detected object count: 1
12:30:29.0865 17756  \Device\Harddisk0\DR0\# - copied to quarantine
12:30:29.0974 17756  \Device\Harddisk0\DR0 - copied to quarantine
12:30:30.0099 17756  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
12:30:30.0146 17756  \Device\Harddisk0\DR0 - ok
12:30:30.0723 17756  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
12:30:34.0645 3104  Deinitialize success
 



#5 kowgrl

Posted 16 May 2013 - 11:42 AM

And the ADWcleaner

 

 

# AdwCleaner v2.300 - Logfile created 05/16/2013 at 12:39:37
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : King - KING-HP
# Boot Mode : Normal
# Running from : C:\Users\King\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\n3sheau3.default\searchplugins\safesearch.xml
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\n3sheau3.default\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\n3sheau3.default\prefs.js

C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\n3sheau3.default\user.js ... Deleted !

Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2438727.CTID", "CT2438727");
Deleted : user_pref("CT2438727.CurrentServerDate", "8-2-2011");
Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2438727.DownloadReferralCookieData", "");
Deleted : user_pref("CT2438727.FirstServerDate", "8-2-2011");
Deleted : user_pref("CT2438727.FirstTime", true);
Deleted : user_pref("CT2438727.FirstTimeFF3", true);
Deleted : user_pref("CT2438727.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2438727.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2438727.Initialize", true);
Deleted : user_pref("CT2438727.InitializeCommonPrefs", true);
Deleted : user_pref("CT2438727.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT2438727.InstalledDate", "Mon Feb 07 2011 16:36:26 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT2438727.IsGrouping", false);
Deleted : user_pref("CT2438727.IsMulticommunity", false);
Deleted : user_pref("CT2438727.IsOpenThankYouPage", true);
Deleted : user_pref("CT2438727.IsOpenUninstallPage", true);
Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Mon Feb 07 2011 16:36:26 GMT-0500 (Eastern Standar[...]
Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2438727.LastLogin_2.7.1.3", "Mon Feb 07 2011 16:36:31 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2438727.LatestVersion", "2.7.1.3");
Deleted : user_pref("CT2438727.Locale", "en");
Deleted : user_pref("CT2438727.LoginCache", 4);
Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Mon Feb 07 2011 16:36:31 GMT-0500 (Eastern Stand[...]
Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Mon Feb 07 2011 16:36:26 GMT-0500 (Eastern Standard Ti[...]
Deleted : user_pref("CT2438727.SettingsLastUpdate", "1296463749");
Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Mon Feb 07 2011 16:36:25 GMT-0500 (Eastern Sta[...]
Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2438727.UserID", "UN96461996155617751");
Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2438727.alertChannelId", "832836");
Deleted : user_pref("CT2438727.backendstorage.currentgame", "706F6B6572");
Deleted : user_pref("CT2438727.clientLogIsEnabled", false);
Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2438727.myStuffEnabled", true);
Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://aolsearch.aol.com/aol/search?invo[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Feb 07 2011 16:36:26 GMT-0500 (Easte[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Feb 07 2011 16:36:26 GMT-0500 (Eastern S[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{be19140a-4f11-4e23-be90-e794f7e3f8fe}");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://aolsearch.aol.com/aol/search?invocationType=c[...]
Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Deleted : user_pref("extensions.toolbar.mindspark._5mMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]

File : C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\n3sheau3.default - Copy\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [8392 octets] - [16/05/2013 12:39:37]

########## EOF - C:\AdwCleaner[S1].txt - [8452 octets] ##########
 



#6 boopme

Posted 16 May 2013 - 02:10 PM

Hello, we removed a serious Bootkit infection. How is it running now?
You need to change all passwords used on this PC.


Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Edited by boopme, 16 May 2013 - 02:12 PM.


#7 kowgrl

Posted 16 May 2013 - 03:08 PM

And the ESET

 

 

C:\Users\King\AppData\LocalLow\F4D0.tmp    a variant of Win64/Olmarik.AY trojan    cleaned by deleting - quarantined
 

 



#8 kowgrl

Posted 16 May 2013 - 03:09 PM

THANK YOU so much!!  It is running so much better!! 

 

Any ideas of where these types of viruses come from so we know not to go there again???

 

And I have Norton 360 running currently....is there something else that I should be running instead of, or along with???  Or am I just going to get a virus over the programs that are out there??


Edited by kowgrl, 16 May 2013 - 03:25 PM.


#9 kowgrl

Posted 16 May 2013 - 03:24 PM

And the last one aswMBR

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-05-16 16:12:28
-----------------------------
16:12:28.009    OS Version: Windows x64 6.1.7601 Service Pack 1
16:12:28.009    Number of processors: 2 586 0x2A07
16:12:28.010    ComputerName: KING-HP  UserName: King
16:12:30.420    Initialize success
16:13:16.506    AVAST engine defs: 13051600
16:14:01.388    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:14:01.390    Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 3
16:14:01.480    Disk 0 MBR read successfully
16:14:01.483    Disk 0 MBR scan
16:14:01.488    Disk 0 Windows 7 default MBR code
16:14:01.492    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
16:14:01.500    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       941986 MB offset 206848
16:14:01.534    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        11781 MB offset 1929394176
16:14:01.586    Disk 0 scanning C:\Windows\system32\drivers
16:14:08.742    Service scanning
16:14:26.475    Modules scanning
16:14:26.483    Disk 0 trace - called modules:
16:14:26.496    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
16:14:26.827    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006e70730]
16:14:26.832    3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004776050]
16:14:29.941    AVAST engine scan C:\Windows
16:14:33.032    AVAST engine scan C:\Windows\system32
16:17:13.819    AVAST engine scan C:\Windows\system32\drivers
16:17:32.648    AVAST engine scan C:\Users\King
16:21:33.185    AVAST engine scan C:\ProgramData
16:22:53.202    Scan finished successfully
16:23:19.426    Disk 0 MBR has been saved successfully to "C:\Users\King\Desktop\MBR.dat"
16:23:19.426    The log file has been saved successfully to "C:\Users\King\Desktop\aswMBR.txt"

 



#10 boopme

Posted 16 May 2013 - 08:03 PM

Hello, be careful when you install Apps and games to look for and uncheck things like....

Yes, install Chrome as my default browser and Google Toolbar for Internet Explorer – optional. (32.11 MB) Install Options

I usually select Advanced and not Recommended install so I can see what else is being added.

 

Have a look HERE



#11 kowgrl

Posted 17 May 2013 - 11:07 AM

Thank you SO much for all of your help!  You have been a lifesaver!!



#12 boopme

Posted 17 May 2013 - 01:50 PM

You're welcome from the BC community !!