Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue Screen of Death - PROCESS_HAS_LOCKED_PAGES


  • Please log in to reply
21 replies to this topic

#1 claytonian82

claytonian82

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 21 July 2013 - 06:55 PM

Hi,

 

My aunt has given me her computer, HP Pavalion laptop running Windows Vista 64 bit, to make it work again.  My understanding is that files are backed up already

 

Initially the problem was that anytime she tried viewing PDFs or tried attaching PDFs in an email, the computer would crash.    Although I don't see any current obvious signs of malware, I suspect the computer might be infected with something.

 

Steps I've completed

 

1) Uninstalled avery ask.com toolbars

2) Updating the HP Updater

3) Uninstalled Adobe Reader

4) Reinstalled Adobe Reader

5) Downloaded and installed free version of Malware Bytes

6) Run a quick scan and had it remove whatever it found

7) Tried opening up adobe reader only to receive the BSOD PROCESS_HAS_LOCKED_PAGES

 

Any help on the next step to getting the computer to a stable point is much appreciated.

 

Thanks,

Clay



BC AdBot (Login to Remove)

 


#2 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 PM

Posted 22 July 2013 - 03:59 AM

 Download BlueScreenViewhttp://www.nirsoft.net/utils/blue_screen_view.html

  • Double-click BlueScreenView.exe file.
  • When autoscan is done (screen comes up), click Edit/Select All...then File/Save Selected Items.
  • Save the report as BSOD.txt.
  • Open BSOD.txt in Notepad, copy all content and paste it into your next reply

 

 

:step1:  Running TDSSKiller to obtain log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters

tds2.jpg

  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run

tds4-1.jpg

  • Choose for all threats to Skip for all of them.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

:step2: Publish a snapshot with Speccy:

http://www.bleepingcomputer.com/forums/t/323892/publish-a-snapshot-using-speccy/#entry1797792

 

:step3:  Please download MiniToolBox , save it to your desktop and run it.

 

Checkmark the following checkboxes:

  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and paste the content into your next post.

 

:step4: ESET Online Scanner

==================

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================


If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#3 claytonian82

claytonian82
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 22 July 2013 - 06:30 PM

==================================================
Dump File         : Mini072213-01.dmp
Crash Time        : 7/22/2013 5:59:52 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`14ea73f0
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini072213-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 7/22/2013 6:02:25 PM
==================================================
 
==================================================
Dump File         : Mini072113-03.dmp
Crash Time        : 7/21/2013 6:37:42 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0d3adc10
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini072113-03.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 7/21/2013 6:39:50 PM
==================================================
 
==================================================
Dump File         : Mini072113-02.dmp
Crash Time        : 7/21/2013 12:21:29 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0ba09040
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini072113-02.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 7/21/2013 12:23:26 PM
==================================================
 
==================================================
Dump File         : Mini072113-01.dmp
Crash Time        : 7/21/2013 10:55:53 AM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`06915100
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini072113-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 7/21/2013 10:58:49 AM
==================================================
 
==================================================
Dump File         : Mini071813-03.dmp
Crash Time        : 7/18/2013 1:30:20 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0beceb50
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini071813-03.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 7/18/2013 1:34:49 PM
==================================================
 
==================================================
Dump File         : Mini071813-02.dmp
Crash Time        : 7/18/2013 12:33:38 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0a90bc10
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini071813-02.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 7/18/2013 12:36:38 PM
==================================================
 
==================================================
Dump File         : Mini071813-01.dmp
Crash Time        : 7/18/2013 9:48:30 AM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`2374e7a0
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini071813-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 7/18/2013 9:50:47 AM
==================================================
 
==================================================
Dump File         : Mini071513-01.dmp
Crash Time        : 7/15/2013 5:30:21 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`127117c0
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini071513-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 7/15/2013 5:33:22 PM
==================================================
 
==================================================
Dump File         : Mini060713-01.dmp
Crash Time        : 6/7/2013 10:50:31 AM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0acfc810
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini060713-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 6/7/2013 10:53:46 AM
==================================================
 
==================================================
Dump File         : Mini060313-02.dmp
Crash Time        : 6/3/2013 3:01:26 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`078c9040
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini060313-02.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 6/3/2013 3:03:10 PM
==================================================
 
==================================================
Dump File         : Mini060313-01.dmp
Crash Time        : 6/3/2013 12:56:13 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0b50fc10
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini060313-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 6/3/2013 12:58:59 PM
==================================================
 
==================================================
Dump File         : Mini052713-01.dmp
Crash Time        : 5/27/2013 5:38:12 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`2f3c5040
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini052713-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 5/27/2013 5:40:17 PM
==================================================
 
==================================================
Dump File         : Mini050913-01.dmp
Crash Time        : 5/9/2013 2:38:15 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`1f607810
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini050913-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 5/9/2013 2:40:10 PM
==================================================
 
==================================================
Dump File         : Mini050113-01.dmp
Crash Time        : 5/1/2013 2:18:59 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`16bb1040
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini050113-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 5/1/2013 2:22:06 PM
==================================================
 
==================================================
Dump File         : Mini042913-01.dmp
Crash Time        : 4/29/2013 1:37:46 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`23c5ec10
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini042913-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 4/29/2013 1:41:25 PM
==================================================
 
==================================================
Dump File         : Mini042213-04.dmp
Crash Time        : 4/22/2013 12:00:08 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0760f040
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini042213-04.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 4/22/2013 12:02:29 PM
==================================================
 
==================================================
Dump File         : Mini042213-03.dmp
Crash Time        : 4/22/2013 11:13:00 AM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`07dfc040
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini042213-03.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 4/22/2013 11:15:55 AM
==================================================
 
==================================================
Dump File         : Mini042213-02.dmp
Crash Time        : 4/22/2013 10:55:14 AM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`073557b0
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini042213-02.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 4/22/2013 10:58:10 AM
==================================================
 
==================================================
Dump File         : Mini042213-01.dmp
Crash Time        : 4/22/2013 10:39:39 AM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`105a4810
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini042213-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 4/22/2013 10:42:27 AM
==================================================
 
==================================================
Dump File         : Mini030813-01.dmp
Crash Time        : 3/8/2013 3:40:13 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0b0e4410
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini030813-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 3/8/2013 3:42:21 PM
==================================================
 
==================================================
Dump File         : Mini030113-01.dmp
Crash Time        : 3/1/2013 2:19:56 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`081fcc10
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini030113-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 3/1/2013 2:22:39 PM
==================================================
 
==================================================
Dump File         : Mini022013-01.dmp
Crash Time        : 2/20/2013 2:45:52 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0bdd2c10
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57150
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57150
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini022013-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 2/20/2013 2:49:07 PM
==================================================
 
==================================================
Dump File         : Mini012313-02.dmp
Crash Time        : 1/23/2013 4:48:52 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0c0c3040
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57ad0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57ad0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini012313-02.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 1/23/2013 4:51:43 PM
==================================================
 
==================================================
Dump File         : Mini012313-01.dmp
Crash Time        : 1/23/2013 9:18:10 AM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`07399c10
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57ad0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57ad0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini012313-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 1/23/2013 9:20:23 AM
==================================================
 
==================================================
Dump File         : Mini010413-01.dmp
Crash Time        : 1/4/2013 11:51:09 AM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`06af8040
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57ad0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57ad0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini010413-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 1/4/2013 11:52:53 AM
==================================================
 
==================================================
Dump File         : Mini010313-01.dmp
Crash Time        : 1/3/2013 2:39:23 PM
Bug Check String  : PROCESS_HAS_LOCKED_PAGES
Bug Check Code    : 0x00000076
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`092b6040
Parameter 3       : 00000000`00000001
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+57ad0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18805 (vistasp2_gdr.130308-1436)
Processor         : x64
Crash Address     : ntoskrnl.exe+57ad0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\Mini010313-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 274,288
Dump File Time    : 1/3/2013 2:41:11 PM
==================================================
 
18:19:41.0584 5576  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:19:42.0282 5576  ============================================================
18:19:42.0282 5576  Current date / time: 2013/07/22 18:19:42.0282
18:19:42.0282 5576  SystemInfo:
18:19:42.0282 5576  
18:19:42.0282 5576  OS Version: 6.0.6002 ServicePack: 2.0
18:19:42.0282 5576  Product type: Workstation
18:19:42.0282 5576  ComputerName: USER-PC
18:19:42.0282 5576  UserName: user
18:19:42.0282 5576  Windows directory: C:\Windows
18:19:42.0282 5576  System windows directory: C:\Windows
18:19:42.0282 5576  Running under WOW64
18:19:42.0282 5576  Processor architecture: Intel x64
18:19:42.0282 5576  Number of processors: 2
18:19:42.0282 5576  Page size: 0x1000
18:19:42.0283 5576  Boot type: Normal boot
18:19:42.0283 5576  ============================================================
18:19:47.0519 5576  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:19:47.0527 5576  ============================================================
18:19:47.0528 5576  \Device\Harddisk0\DR0:
18:19:47.0528 5576  MBR partitions:
18:19:47.0528 5576  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38A5DFC1
18:19:47.0528 5576  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38A5E000, BlocksNum 0x1926800
18:19:47.0528 5576  ============================================================
18:19:47.0561 5576  C: <-> \Device\Harddisk0\DR0\Partition1
18:19:47.0774 5576  D: <-> \Device\Harddisk0\DR0\Partition2
18:19:47.0774 5576  ============================================================
18:19:47.0775 5576  Initialize success
18:19:47.0775 5576  ============================================================
18:20:20.0838 5260  ============================================================
18:20:20.0838 5260  Scan started
18:20:20.0838 5260  Mode: Manual; TDLFS; 
18:20:20.0838 5260  ============================================================
18:20:22.0412 5260  ================ Scan system memory ========================
18:20:22.0412 5260  System memory - ok
18:20:22.0413 5260  ================ Scan services =============================
18:20:22.0750 5260  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
18:20:22.0751 5260  Accelerometer - ok
18:20:22.0809 5260  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
18:20:22.0812 5260  ACPI - ok
18:20:23.0054 5260  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:20:23.0055 5260  AdobeARMservice - ok
18:20:23.0332 5260  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:20:23.0367 5260  AdobeFlashPlayerUpdateSvc - ok
18:20:23.0419 5260  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:20:23.0423 5260  adp94xx - ok
18:20:23.0446 5260  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:20:23.0449 5260  adpahci - ok
18:20:23.0463 5260  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
18:20:23.0465 5260  adpu160m - ok
18:20:23.0511 5260  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:20:23.0513 5260  adpu320 - ok
18:20:23.0633 5260  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:20:23.0634 5260  AeLookupSvc - ok
18:20:23.0868 5260  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe
18:20:23.0869 5260  AESTFilters - ok
18:20:23.0990 5260  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
18:20:23.0994 5260  AFD - ok
18:20:24.0020 5260  [ 8FE65709982F2CB7D291F6C9B2C60805 ] AgereModemAudio C:\Windows\system32\agr64svc.exe
18:20:24.0021 5260  AgereModemAudio - ok
18:20:24.0132 5260  [ 70E15CDA25E151DFC60636EF73F5A7BE ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
18:20:24.0139 5260  AgereSoftModem - ok
18:20:24.0192 5260  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:20:24.0193 5260  agp440 - ok
18:20:24.0265 5260  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
18:20:24.0266 5260  aic78xx - ok
18:20:24.0373 5260  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
18:20:24.0772 5260  ALG - ok
18:20:24.0904 5260  [ E0CA5BB8E6C79533DC6B1DA7361A201E ] aliide          C:\Windows\system32\drivers\aliide.sys
18:20:24.0904 5260  aliide - ok
18:20:24.0983 5260  [ 7034F8D1B9703D711D3F92C95DEB377D ] amdide          C:\Windows\system32\drivers\amdide.sys
18:20:24.0983 5260  amdide - ok
18:20:25.0230 5260  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:20:25.0231 5260  AmdK8 - ok
18:20:25.0400 5260  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
18:20:25.0401 5260  Appinfo - ok
18:20:25.0599 5260  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
18:20:25.0600 5260  arc - ok
18:20:25.0678 5260  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:20:25.0679 5260  arcsas - ok
18:20:25.0895 5260  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:20:25.0897 5260  aspnet_state - ok
18:20:25.0959 5260  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:20:25.0960 5260  AsyncMac - ok
18:20:26.0017 5260  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:20:26.0018 5260  atapi - ok
18:20:26.0165 5260  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:20:26.0170 5260  AudioEndpointBuilder - ok
18:20:26.0431 5260  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:20:26.0434 5260  AudioSrv - ok
18:20:26.0477 5260  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll
18:20:26.0480 5260  BFE - ok
18:20:26.0771 5260  [ 6E10DB69DB1AA96207F4B14B18FF12F8 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx64.sys
18:20:26.0781 5260  BHDrvx64 - ok
18:20:27.0218 5260  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll
18:20:27.0226 5260  BITS - ok
18:20:27.0255 5260  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
18:20:27.0256 5260  blbdrive - ok
18:20:27.0318 5260  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:20:27.0319 5260  bowser - ok
18:20:27.0372 5260  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
18:20:27.0373 5260  BrFiltLo - ok
18:20:27.0423 5260  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
18:20:27.0424 5260  BrFiltUp - ok
18:20:27.0446 5260  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
18:20:27.0447 5260  Browser - ok
18:20:27.0474 5260  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
18:20:27.0475 5260  Brserid - ok
18:20:27.0506 5260  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
18:20:27.0507 5260  BrSerWdm - ok
18:20:27.0540 5260  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
18:20:27.0541 5260  BrUsbMdm - ok
18:20:27.0565 5260  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
18:20:27.0566 5260  BrUsbSer - ok
18:20:27.0587 5260  [ 471FF09330A53177BBE9FD6DDF8A8259 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
18:20:27.0588 5260  BthEnum - ok
18:20:27.0618 5260  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:20:27.0619 5260  BTHMODEM - ok
18:20:27.0659 5260  [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:20:27.0660 5260  BthPan - ok
18:20:27.0797 5260  [ 7D104F22C04A76F0D2F96F789AC07FCB ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
18:20:27.0801 5260  BTHPORT - ok
18:20:27.0853 5260  [ 22E65FFD640F16968F855F5B3528D366 ] BthServ         C:\Windows\System32\bthserv.dll
18:20:27.0854 5260  BthServ - ok
18:20:27.0876 5260  [ D9324F0C142267961CE900BFC3798BB1 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
18:20:27.0877 5260  BTHUSB - ok
18:20:27.0996 5260  [ 56685951208AC81CF923B9B08BEDF3B7 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys
18:20:27.0998 5260  ccSet_NIS - ok
18:20:28.0041 5260  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:20:28.0042 5260  cdfs - ok
18:20:28.0092 5260  [ 3B2FB35363423ED60C8FBF15FC8680BD ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:20:28.0093 5260  cdrom - ok
18:20:28.0129 5260  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:20:28.0130 5260  CertPropSvc - ok
18:20:28.0185 5260  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:20:28.0186 5260  circlass - ok
18:20:28.0221 5260  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
18:20:28.0226 5260  CLFS - ok
18:20:28.0342 5260  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:20:28.0345 5260  clr_optimization_v2.0.50727_32 - ok
18:20:28.0440 5260  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:20:28.0444 5260  clr_optimization_v2.0.50727_64 - ok
18:20:28.0569 5260  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:20:28.0570 5260  clr_optimization_v4.0.30319_32 - ok
18:20:28.0602 5260  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:20:28.0604 5260  clr_optimization_v4.0.30319_64 - ok
18:20:28.0807 5260  [ 934F4153380EDB6809EB9231C6B5F2A9 ] CltMngSvc       C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
18:20:28.0807 5260  CltMngSvc - ok
18:20:28.0869 5260  [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:20:28.0869 5260  CmBatt - ok
18:20:28.0878 5260  [ 8C6AA24C1D7273A02284588426AB8CE3 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:20:28.0879 5260  cmdide - ok
18:20:28.0966 5260  [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx       C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
18:20:28.0968 5260  Com4QLBEx - ok
18:20:29.0001 5260  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:20:29.0001 5260  Compbatt - ok
18:20:29.0006 5260  COMSysApp - ok
18:20:29.0021 5260  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:20:29.0021 5260  crcdisk - ok
18:20:29.0093 5260  [ 1B22BC0B71F65001479DAB792C3F626C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:20:29.0095 5260  CryptSvc - ok
18:20:29.0596 5260  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:20:29.0606 5260  DcomLaunch - ok
18:20:29.0809 5260  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:20:29.0810 5260  DfsC - ok
18:20:29.0921 5260  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
18:20:29.0997 5260  DFSR - ok
18:20:30.0065 5260  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
18:20:30.0068 5260  Dhcp - ok
18:20:30.0125 5260  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
18:20:30.0126 5260  disk - ok
18:20:30.0165 5260  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:20:30.0166 5260  Dnscache - ok
18:20:30.0243 5260  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:20:30.0247 5260  dot3svc - ok
18:20:30.0303 5260  [ 74C02B1717740C3B8039539E23E4B53F ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
18:20:30.0305 5260  Dot4 - ok
18:20:30.0359 5260  [ 08321D1860235BF42CF2854234337AEA ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:20:30.0359 5260  Dot4Print - ok
18:20:30.0415 5260  [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
18:20:30.0415 5260  dot4usb - ok
18:20:30.0445 5260  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
18:20:30.0447 5260  DPS - ok
18:20:30.0477 5260  [ 97DC2A789C1BE458976507846A1A8CED ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:20:30.0478 5260  drmkaud - ok
18:20:30.0919 5260  [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:20:30.0925 5260  DXGKrnl - ok
18:20:31.0018 5260  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
18:20:31.0020 5260  E1G60 - ok
18:20:31.0050 5260  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
18:20:31.0051 5260  EapHost - ok
18:20:31.0290 5260  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
18:20:31.0292 5260  Ecache - ok
18:20:31.0483 5260  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:20:31.0487 5260  eeCtrl - ok
18:20:31.0593 5260  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:20:31.0598 5260  ehRecvr - ok
18:20:31.0624 5260  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
18:20:31.0627 5260  ehSched - ok
18:20:31.0642 5260  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
18:20:31.0643 5260  ehstart - ok
18:20:32.0039 5260  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:20:32.0042 5260  elxstor - ok
18:20:32.0078 5260  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
18:20:32.0083 5260  EMDMgmt - ok
18:20:32.0121 5260  [ F218A3A27ED6592C0E22EC3595554447 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
18:20:32.0121 5260  enecir - ok
18:20:32.0195 5260  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:20:32.0196 5260  EraserUtilRebootDrv - ok
18:20:32.0271 5260  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:20:32.0272 5260  ErrDev - ok
18:20:32.0377 5260  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
18:20:32.0380 5260  EventSystem - ok
18:20:32.0463 5260  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:20:32.0464 5260  exfat - ok
18:20:32.0505 5260  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:20:32.0506 5260  fastfat - ok
18:20:32.0540 5260  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:20:32.0541 5260  fdc - ok
18:20:32.0566 5260  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
18:20:32.0567 5260  fdPHost - ok
18:20:32.0592 5260  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
18:20:32.0593 5260  FDResPub - ok
18:20:32.0633 5260  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:20:32.0635 5260  FileInfo - ok
18:20:32.0661 5260  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:20:32.0661 5260  Filetrace - ok
18:20:32.0686 5260  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:20:32.0686 5260  flpydisk - ok
18:20:32.0767 5260  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:20:32.0769 5260  FltMgr - ok
18:20:32.0916 5260  [ F20A97F51C104DD0A163251325460747 ] FontCache       C:\Windows\system32\FntCache.dll
18:20:32.0924 5260  FontCache - ok
18:20:33.0008 5260  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:20:33.0009 5260  FontCache3.0.0.0 - ok
18:20:33.0050 5260  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:20:33.0050 5260  fssfltr - ok
18:20:33.0661 5260  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:20:33.0684 5260  fsssvc - ok
18:20:33.0732 5260  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:20:33.0733 5260  Fs_Rec - ok
18:20:33.0780 5260  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:20:33.0781 5260  gagp30kx - ok
18:20:33.0891 5260  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
18:20:33.0896 5260  GamesAppService - ok
18:20:33.0967 5260  [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
18:20:33.0967 5260  GoogleDesktopManager-051210-111108 - ok
18:20:34.0313 5260  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:20:34.0318 5260  gpsvc - ok
18:20:34.0378 5260  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:20:34.0380 5260  gupdate - ok
18:20:34.0385 5260  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:20:34.0386 5260  gupdatem - ok
18:20:34.0478 5260  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:20:34.0480 5260  gusvc - ok
18:20:34.0558 5260  [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:20:34.0560 5260  HdAudAddService - ok
18:20:34.0602 5260  [ 0C0D0F8A3FF09ECC81963D09EC6A0A84 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:20:34.0603 5260  HDAudBus - ok
18:20:34.0640 5260  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:20:34.0641 5260  HidBth - ok
18:20:34.0669 5260  [ 1D4E03E5C5BA4C3679C38CB6B4C60D5F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:20:34.0670 5260  HidIr - ok
18:20:34.0755 5260  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll
18:20:34.0756 5260  hidserv - ok
18:20:34.0781 5260  [ D02C82CB3A20F391C8AEFF94E8E0BAA1 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:20:34.0782 5260  HidUsb - ok
18:20:34.0807 5260  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:20:34.0809 5260  hkmsvc - ok
18:20:35.0027 5260  [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
18:20:35.0028 5260  HP Health Check Service - ok
18:20:35.0072 5260  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
18:20:35.0073 5260  HpCISSs - ok
18:20:35.0102 5260  [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
18:20:35.0103 5260  hpdskflt - ok
18:20:35.0323 5260  [ B14328CFEEB6B736BE44C2C9DB3B162C ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
18:20:35.0325 5260  hpqcxs08 - ok
18:20:35.0411 5260  [ DF446BA625CC441617843E87798CE048 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
18:20:35.0413 5260  hpqddsvc - ok
18:20:35.0494 5260  [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
18:20:35.0495 5260  HpqKbFiltr - ok
18:20:35.0614 5260  [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
18:20:35.0616 5260  hpqwmiex - ok
18:20:35.0870 5260  [ 969F2F6571B915BADA4FA68228C2CBBC ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
18:20:36.0106 5260  HPSLPSVC - ok
18:20:36.0214 5260  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv           C:\Windows\system32\Hpservice.exe
18:20:36.0215 5260  hpsrv - ok
18:20:36.0659 5260  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:20:36.0663 5260  HTTP - ok
18:20:36.0700 5260  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
18:20:36.0701 5260  i2omp - ok
18:20:36.0718 5260  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:20:36.0719 5260  i8042prt - ok
18:20:36.0746 5260  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
18:20:36.0749 5260  iaStorV - ok
18:20:36.0811 5260  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:20:36.0814 5260  IDriverT - ok
18:20:36.0916 5260  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:20:36.0937 5260  idsvc - ok
18:20:37.0058 5260  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130720.001\IDSvia64.sys
18:20:37.0062 5260  IDSVia64 - ok
18:20:37.0475 5260  [ 7B0A679638E9380C0D8D42C7D43F8169 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:20:37.0523 5260  igfx - ok
18:20:37.0587 5260  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:20:37.0587 5260  iirsp - ok
18:20:37.0629 5260  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
18:20:37.0633 5260  IKEEXT - ok
18:20:37.0669 5260  [ BE1CB000C655396C9DEF09AEE3EA2D67 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
18:20:37.0671 5260  IntcHdmiAddService - ok
18:20:37.0701 5260  [ 475490CAF376E55E6E8B37BBDFEB2E81 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:20:37.0702 5260  intelide - ok
18:20:37.0727 5260  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:20:37.0728 5260  intelppm - ok
18:20:37.0771 5260  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:20:37.0774 5260  IPBusEnum - ok
18:20:37.0817 5260  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:20:37.0817 5260  IpFilterDriver - ok
18:20:37.0874 5260  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:20:37.0877 5260  iphlpsvc - ok
18:20:37.0881 5260  IpInIp - ok
18:20:37.0909 5260  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
18:20:37.0910 5260  IPMIDRV - ok
18:20:37.0937 5260  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
18:20:37.0938 5260  IPNAT - ok
18:20:37.0973 5260  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:20:37.0973 5260  IRENUM - ok
18:20:37.0993 5260  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:20:37.0994 5260  isapnp - ok
18:20:38.0040 5260  [ 49E4CCBF74783FCE5D2CC1FF6480E1F4 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
18:20:38.0042 5260  iScsiPrt - ok
18:20:38.0063 5260  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
18:20:38.0065 5260  iteatapi - ok
18:20:38.0076 5260  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
18:20:38.0077 5260  iteraid - ok
18:20:38.0087 5260  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:20:38.0088 5260  kbdclass - ok
18:20:38.0103 5260  [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:20:38.0104 5260  kbdhid - ok
18:20:38.0131 5260  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
18:20:38.0133 5260  KeyIso - ok
18:20:38.0242 5260  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:20:38.0247 5260  KSecDD - ok
18:20:38.0290 5260  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:20:38.0291 5260  ksthunk - ok
18:20:38.0336 5260  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:20:38.0344 5260  KtmRm - ok
18:20:38.0425 5260  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:20:38.0432 5260  LanmanServer - ok
18:20:38.0521 5260  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:20:38.0524 5260  LanmanWorkstation - ok
18:20:38.0933 5260  [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
18:20:38.0934 5260  LightScribeService - ok
18:20:38.0949 5260  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:20:38.0950 5260  lltdio - ok
18:20:39.0034 5260  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:20:39.0041 5260  lltdsvc - ok
18:20:39.0074 5260  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:20:39.0076 5260  lmhosts - ok
18:20:39.0125 5260  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:20:39.0126 5260  LSI_FC - ok
18:20:39.0140 5260  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:20:39.0141 5260  LSI_SAS - ok
18:20:39.0149 5260  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:20:39.0150 5260  LSI_SCSI - ok
18:20:39.0180 5260  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:20:39.0181 5260  luafv - ok
18:20:39.0259 5260  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:20:39.0263 5260  Mcx2Svc - ok
18:20:39.0291 5260  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
18:20:39.0292 5260  megasas - ok
18:20:39.0320 5260  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
18:20:39.0323 5260  MegaSR - ok
18:20:39.0412 5260  [ 9547F37D0E899FD71B52B2AFD4437C79 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
18:20:39.0413 5260  MemeoBackgroundService - ok
18:20:39.0465 5260  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
18:20:39.0466 5260  MMCSS - ok
18:20:39.0481 5260  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
18:20:39.0482 5260  Modem - ok
18:20:39.0521 5260  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:20:39.0521 5260  monitor - ok
18:20:39.0531 5260  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:20:39.0532 5260  mouclass - ok
18:20:39.0550 5260  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:20:39.0551 5260  mouhid - ok
18:20:39.0583 5260  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
18:20:39.0585 5260  MountMgr - ok
18:20:39.0591 5260  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:20:39.0593 5260  mpio - ok
18:20:39.0613 5260  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:20:39.0614 5260  mpsdrv - ok
18:20:39.0668 5260  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:20:39.0674 5260  MpsSvc - ok
18:20:39.0739 5260  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
18:20:39.0740 5260  Mraid35x - ok
18:20:39.0797 5260  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:20:39.0799 5260  MRxDAV - ok
18:20:39.0841 5260  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:20:39.0842 5260  mrxsmb - ok
18:20:39.0879 5260  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:20:39.0881 5260  mrxsmb10 - ok
18:20:39.0905 5260  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:20:39.0906 5260  mrxsmb20 - ok
18:20:39.0957 5260  [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:20:39.0957 5260  msahci - ok
18:20:40.0021 5260  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:20:40.0022 5260  msdsm - ok
18:20:40.0042 5260  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
18:20:40.0047 5260  MSDTC - ok
18:20:40.0074 5260  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:20:40.0075 5260  Msfs - ok
18:20:40.0083 5260  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:20:40.0084 5260  msisadrv - ok
18:20:40.0170 5260  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:20:40.0174 5260  MSiSCSI - ok
18:20:40.0178 5260  msiserver - ok
18:20:40.0200 5260  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:20:40.0201 5260  MSKSSRV - ok
18:20:40.0218 5260  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:20:40.0218 5260  MSPCLOCK - ok
18:20:40.0235 5260  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:20:40.0235 5260  MSPQM - ok
18:20:40.0276 5260  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:20:40.0278 5260  MsRPC - ok
18:20:40.0303 5260  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:20:40.0304 5260  mssmbios - ok
18:20:40.0340 5260  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:20:40.0341 5260  MSTEE - ok
18:20:40.0375 5260  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:20:40.0376 5260  Mup - ok
18:20:40.0489 5260  [ 48D50D679D28E5C4BF5A67664CC56B41 ] MyWebSearchService C:\PROGRA~2\MYWEBS~1\bar\2.bin\mwssvc.exe
18:20:40.0490 5260  MyWebSearchService - ok
18:20:40.0575 5260  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
18:20:40.0580 5260  napagent - ok
18:20:40.0614 5260  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:20:40.0616 5260  NativeWifiP - ok
18:20:40.0803 5260  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130722.003\ENG64.SYS
18:20:40.0804 5260  NAVENG - ok
18:20:41.0376 5260  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130722.003\EX64.SYS
18:20:41.0389 5260  NAVEX15 - ok
18:20:41.0774 5260  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:20:41.0780 5260  NDIS - ok
18:20:41.0922 5260  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:20:41.0922 5260  NdisTapi - ok
18:20:41.0954 5260  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:20:41.0955 5260  Ndisuio - ok
18:20:42.0013 5260  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:20:42.0014 5260  NdisWan - ok
18:20:42.0029 5260  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:20:42.0030 5260  NDProxy - ok
18:20:42.0069 5260  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:20:42.0070 5260  Net Driver HPZ12 - ok
18:20:42.0097 5260  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:20:42.0098 5260  NetBIOS - ok
18:20:42.0141 5260  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
18:20:42.0143 5260  netbt - ok
18:20:42.0176 5260  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
18:20:42.0177 5260  Netlogon - ok
18:20:42.0201 5260  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
18:20:42.0204 5260  Netman - ok
18:20:42.0278 5260  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:42.0283 5260  NetMsmqActivator - ok
18:20:42.0293 5260  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:42.0294 5260  NetPipeActivator - ok
18:20:42.0358 5260  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
18:20:42.0361 5260  netprofm - ok
18:20:42.0372 5260  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:42.0373 5260  NetTcpActivator - ok
18:20:42.0380 5260  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:42.0381 5260  NetTcpPortSharing - ok
18:20:43.0333 5260  [ C86984AEE87900C1EEB6942EDE3BF4B6 ] NETw3v64        C:\Windows\system32\DRIVERS\NETw3v64.sys
18:20:43.0353 5260  NETw3v64 - ok
18:20:44.0235 5260  [ 2BDCB7B7917380794C9D87AC2153CE33 ] NETw5v64        C:\Windows\system32\DRIVERS\NETw5v64.sys
18:20:44.0268 5260  NETw5v64 - ok
18:20:44.0354 5260  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:20:44.0355 5260  nfrd960 - ok
18:20:45.0022 5260  [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
18:20:45.0023 5260  NIS - ok
18:20:45.0087 5260  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:20:45.0090 5260  NlaSvc - ok
18:20:45.0213 5260  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:20:45.0214 5260  Npfs - ok
18:20:45.0256 5260  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll
18:20:45.0258 5260  nsi - ok
18:20:45.0290 5260  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:20:45.0291 5260  nsiproxy - ok
18:20:45.0510 5260  [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:20:45.0521 5260  Ntfs - ok
18:20:45.0693 5260  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
18:20:45.0694 5260  Null - ok
18:20:45.0769 5260  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:20:45.0770 5260  nvraid - ok
18:20:45.0776 5260  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:20:45.0777 5260  nvstor - ok
18:20:45.0910 5260  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:20:45.0911 5260  nv_agp - ok
18:20:45.0916 5260  NwlnkFlt - ok
18:20:45.0922 5260  NwlnkFwd - ok
18:20:46.0458 5260  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:20:46.0466 5260  odserv - ok
18:20:46.0523 5260  [ 1B30103FDE512915A9214B108B6E7A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
18:20:46.0525 5260  ohci1394 - ok
18:20:46.0591 5260  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:20:46.0595 5260  ose - ok
18:20:46.0751 5260  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
18:20:46.0770 5260  p2pimsvc - ok
18:20:46.0788 5260  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
18:20:46.0795 5260  p2psvc - ok
18:20:46.0934 5260  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys
18:20:46.0936 5260  Parport - ok
18:20:47.0101 5260  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:20:47.0102 5260  partmgr - ok
18:20:47.0127 5260  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:20:47.0129 5260  PcaSvc - ok
18:20:47.0148 5260  [ 2A5B2A51559066EA84742909B5B2CD69 ] pci             C:\Windows\system32\drivers\pci.sys
18:20:47.0150 5260  pci - ok
18:20:47.0175 5260  [ 15E5C3F89A3452EFBDA3B39816DBC4EE ] pciide          C:\Windows\system32\drivers\pciide.sys
18:20:47.0175 5260  pciide - ok
18:20:47.0215 5260  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:20:47.0217 5260  pcmcia - ok
18:20:47.0261 5260  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:20:47.0266 5260  PEAUTH - ok
18:20:47.0395 5260  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:20:47.0397 5260  PerfHost - ok
18:20:47.0521 5260  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll
18:20:47.0554 5260  pla - ok
18:20:47.0634 5260  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:20:47.0639 5260  PlugPlay - ok
18:20:47.0674 5260  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:20:47.0676 5260  Pml Driver HPZ12 - ok
18:20:47.0706 5260  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
18:20:47.0714 5260  PNRPAutoReg - ok
18:20:47.0808 5260  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll
18:20:47.0815 5260  PNRPsvc - ok
18:20:47.0900 5260  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:20:47.0905 5260  PolicyAgent - ok
18:20:47.0947 5260  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:20:47.0948 5260  PptpMiniport - ok
18:20:47.0977 5260  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\drivers\processr.sys
18:20:47.0978 5260  Processor - ok
18:20:48.0008 5260  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll
18:20:48.0012 5260  ProfSvc - ok
18:20:48.0031 5260  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
18:20:48.0033 5260  ProtectedStorage - ok
18:20:48.0069 5260  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
18:20:48.0071 5260  PSched - ok
18:20:48.0126 5260  [ C8DA4746D1C87FE3E5DCC3CE86218B62 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
18:20:48.0127 5260  QBCFMonitorService - ok
18:20:48.0244 5260  [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService     C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
18:20:48.0248 5260  QBFCService - ok
18:20:48.0651 5260  [ 25FC19BADF78B7FB1D835AAC4B0B91A5 ] QBVSS           C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
18:20:48.0661 5260  QBVSS - ok
18:20:48.0712 5260  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:20:48.0739 5260  ql2300 - ok
18:20:48.0756 5260  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:20:48.0757 5260  ql40xx - ok
18:20:48.0821 5260  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
18:20:48.0827 5260  QWAVE - ok
18:20:48.0838 5260  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:20:48.0839 5260  QWAVEdrv - ok
18:20:48.0879 5260  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:20:48.0879 5260  RasAcd - ok
18:20:48.0917 5260  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
18:20:48.0920 5260  RasAuto - ok
18:20:48.0965 5260  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:20:48.0966 5260  Rasl2tp - ok
18:20:49.0023 5260  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
18:20:49.0027 5260  RasMan - ok
18:20:49.0059 5260  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:20:49.0060 5260  RasPppoe - ok
18:20:49.0144 5260  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:20:49.0145 5260  RasSstp - ok
18:20:49.0181 5260  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:20:49.0183 5260  rdbss - ok
18:20:49.0215 5260  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:20:49.0216 5260  RDPCDD - ok
18:20:49.0285 5260  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
18:20:49.0288 5260  rdpdr - ok
18:20:49.0293 5260  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:20:49.0294 5260  RDPENCDD - ok
18:20:49.0338 5260  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:20:49.0340 5260  RDPWD - ok
18:20:49.0414 5260  [ BC0A4D47472B042537F4E57B950415FA ] Recovery Service for Windows C:\Program Files (x86)\SMINST\BLService.exe
18:20:49.0416 5260  Recovery Service for Windows - ok
18:20:49.0479 5260  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:20:49.0482 5260  RemoteAccess - ok
18:20:49.0519 5260  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:20:49.0523 5260  RemoteRegistry - ok
18:20:49.0607 5260  [ 72C35598BA591ABDDC37FCE7D26FE1C4 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
18:20:49.0608 5260  RFCOMM - ok
18:20:49.0720 5260  [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:20:49.0722 5260  RichVideo - ok
18:20:49.0762 5260  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
18:20:49.0764 5260  RpcLocator - ok
18:20:49.0881 5260  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll
18:20:49.0887 5260  RpcSs - ok
18:20:49.0926 5260  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:20:49.0927 5260  rspndr - ok
18:20:50.0019 5260  [ 390482953C63E81BAE52F20386394421 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh64.sys
18:20:50.0021 5260  RTL8169 - ok
18:20:50.0063 5260  [ AA3987386CF7D9005C42BC974634BD56 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR64.SYS
18:20:50.0064 5260  RTSTOR - ok
18:20:50.0076 5260  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe
18:20:50.0077 5260  SamSs - ok
18:20:50.0097 5260  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:20:50.0098 5260  sbp2port - ok
18:20:50.0169 5260  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:20:50.0173 5260  SCardSvr - ok
18:20:50.0228 5260  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
18:20:50.0248 5260  Schedule - ok
18:20:50.0284 5260  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:20:50.0286 5260  SCPolicySvc - ok
18:20:50.0329 5260  [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
18:20:50.0330 5260  sdbus - ok
18:20:50.0370 5260  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:20:50.0374 5260  SDRSVC - ok
18:20:50.0442 5260  [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
18:20:50.0443 5260  SeagateDashboardService - ok
18:20:50.0536 5260  [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
18:20:50.0537 5260  SeaPort - ok
18:20:50.0562 5260  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:20:50.0563 5260  secdrv - ok
18:20:50.0602 5260  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
18:20:50.0603 5260  seclogon - ok
18:20:50.0619 5260  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
18:20:50.0621 5260  SENS - ok
18:20:50.0648 5260  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
18:20:50.0649 5260  Serenum - ok
18:20:51.0040 5260  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
18:20:51.0041 5260  Serial - ok
18:20:51.0080 5260  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:20:51.0081 5260  sermouse - ok
18:20:51.0275 5260  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:20:51.0278 5260  SessionEnv - ok
18:20:51.0290 5260  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:20:51.0291 5260  sffdisk - ok
18:20:51.0320 5260  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:20:51.0320 5260  sffp_mmc - ok
18:20:51.0338 5260  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:20:51.0339 5260  sffp_sd - ok
18:20:51.0604 5260  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:20:51.0605 5260  sfloppy - ok
18:20:51.0701 5260  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:20:51.0708 5260  SharedAccess - ok
18:20:51.0784 5260  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:20:51.0788 5260  ShellHWDetection - ok
18:20:51.0849 5260  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
18:20:51.0850 5260  SiSRaid2 - ok
18:20:51.0856 5260  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:20:51.0857 5260  SiSRaid4 - ok
18:20:51.0939 5260  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe
18:20:51.0976 5260  slsvc - ok
18:20:52.0154 5260  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
18:20:52.0225 5260  SLUINotify - ok
18:20:52.0296 5260  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:20:52.0297 5260  Smb - ok
18:20:52.0445 5260  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:20:52.0543 5260  SNMPTRAP - ok
18:20:52.0586 5260  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys
18:20:52.0587 5260  spldr - ok
18:20:52.0624 5260  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe
18:20:52.0628 5260  Spooler - ok
18:20:52.0776 5260  [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
18:20:52.0783 5260  SRTSP - ok
18:20:52.0826 5260  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
18:20:52.0828 5260  SRTSPX - ok
18:20:52.0895 5260  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:20:52.0899 5260  srv - ok
18:20:52.0940 5260  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:20:52.0942 5260  srv2 - ok
18:20:53.0002 5260  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:20:53.0003 5260  srvnet - ok
18:20:53.0406 5260  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:20:53.0409 5260  SSDPSRV - ok
18:20:53.0430 5260  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:20:53.0432 5260  SstpSvc - ok
18:20:53.0761 5260  [ 72EB6157E892A674E47E08732BB5CCE3 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe
18:20:53.0763 5260  STacSV - ok
18:20:53.0827 5260  [ 0C7BDA7E9A329A071C080EB5210FE019 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
18:20:53.0831 5260  STHDA - ok
18:20:53.0892 5260  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
18:20:53.0899 5260  stisvc - ok
18:20:53.0943 5260  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:20:53.0944 5260  swenum - ok
18:20:54.0012 5260  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll
18:20:54.0029 5260  swprv - ok
18:20:54.0065 5260  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
18:20:54.0066 5260  Symc8xx - ok
18:20:54.0077 5260  SYMDNS - ok
18:20:54.0120 5260  [ 52DC0048D667757A8A2E4C87182890AC ] SymDS           C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
18:20:54.0131 5260  SymDS - ok
18:20:54.0170 5260  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
18:20:54.0200 5260  SymEFA - ok
18:20:54.0248 5260  [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:20:54.0250 5260  SymEvent - ok
18:20:54.0259 5260  SYMFW - ok
18:20:54.0342 5260  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
18:20:54.0344 5260  SymIRON - ok
18:20:54.0352 5260  SYMNDISV - ok
18:20:54.0357 5260  SYMREDRV - ok
18:20:54.0392 5260  [ CF495F354585A1EB46753FC98608D1DA ] SYMTDIv         C:\Windows\System32\Drivers\NISx64\1404000.028\SYMTDIV.SYS
18:20:54.0396 5260  SYMTDIv - ok
18:20:54.0419 5260  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
18:20:54.0420 5260  Sym_hi - ok
18:20:54.0449 5260  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
18:20:54.0449 5260  Sym_u3 - ok
18:20:54.0660 5260  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:20:54.0663 5260  SynTP - ok
18:20:54.0730 5260  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll
18:20:54.0744 5260  SysMain - ok
18:20:54.0813 5260  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:20:54.0816 5260  TabletInputService - ok
18:20:54.0865 5260  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:20:54.0869 5260  TapiSrv - ok
18:20:54.0889 5260  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
18:20:54.0892 5260  TBS - ok
18:20:55.0030 5260  [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:20:55.0039 5260  Tcpip - ok
18:20:55.0119 5260  [ C7C60777592EEF169A11647AAE7A91C3 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
18:20:55.0128 5260  Tcpip6 - ok
18:20:55.0192 5260  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:20:55.0192 5260  tcpipreg - ok
18:20:55.0227 5260  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:20:55.0228 5260  TDPIPE - ok
18:20:55.0265 5260  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:20:55.0266 5260  TDTCP - ok
18:20:55.0347 5260  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:20:55.0348 5260  tdx - ok
18:20:55.0372 5260  [ 3F0EBF6EE609F2A276C0D5FAF244EC90 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:20:55.0373 5260  TermDD - ok
18:20:55.0742 5260  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll
18:20:55.0747 5260  TermService - ok
18:20:55.0867 5260  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
18:20:55.0871 5260  Themes - ok
18:20:55.0898 5260  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:20:55.0899 5260  THREADORDER - ok
18:20:55.0928 5260  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
18:20:55.0931 5260  TrkWks - ok
18:20:55.0995 5260  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:20:55.0997 5260  TrustedInstaller - ok
18:20:56.0034 5260  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:20:56.0034 5260  tssecsrv - ok
18:20:56.0084 5260  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
18:20:56.0085 5260  tunmp - ok
18:20:56.0120 5260  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:20:56.0120 5260  tunnel - ok
18:20:56.0142 5260  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:20:56.0144 5260  uagp35 - ok
18:20:56.0186 5260  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:20:56.0189 5260  udfs - ok
18:20:56.0271 5260  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:20:56.0274 5260  UI0Detect - ok
18:20:56.0307 5260  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:20:56.0309 5260  uliagpkx - ok
18:20:56.0368 5260  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
18:20:56.0370 5260  uliahci - ok
18:20:56.0393 5260  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
18:20:56.0395 5260  UlSata - ok
18:20:56.0412 5260  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
18:20:56.0414 5260  ulsata2 - ok
18:20:56.0449 5260  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:20:56.0450 5260  umbus - ok
18:20:56.0479 5260  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
18:20:56.0483 5260  upnphost - ok
18:20:56.0512 5260  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:20:56.0513 5260  usbccgp - ok
18:20:56.0539 5260  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:20:56.0540 5260  usbcir - ok
18:20:56.0558 5260  [ DA6D8D8ED0A53C63AC6F4BD40FE83FBE ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:20:56.0559 5260  usbehci - ok
18:20:56.0578 5260  [ 99045369AE3216216573D0775FD7ED56 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:20:56.0581 5260  usbhub - ok
18:20:56.0594 5260  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:20:56.0595 5260  usbohci - ok
18:20:56.0647 5260  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:20:56.0648 5260  usbprint - ok
18:20:56.0684 5260  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:20:56.0685 5260  usbscan - ok
18:20:56.0730 5260  [ 586D9876A4945779C8EEA926C0D16889 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:20:56.0731 5260  USBSTOR - ok
18:20:56.0755 5260  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:20:56.0756 5260  usbuhci - ok
18:20:56.0776 5260  [ FC33099877790D51B0927B7039059855 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
18:20:56.0777 5260  usbvideo - ok
18:20:56.0832 5260  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll
18:20:56.0834 5260  UxSms - ok
18:20:56.0885 5260  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe
18:20:56.0893 5260  vds - ok
18:20:56.0932 5260  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:20:56.0933 5260  vga - ok
18:20:56.0951 5260  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:20:56.0951 5260  VgaSave - ok
18:20:56.0967 5260  [ 4F964E6828156F0EF3FA8D3A9A7895DE ] viaide          C:\Windows\system32\drivers\viaide.sys
18:20:56.0968 5260  viaide - ok
18:20:57.0000 5260  [ 622FCF264119F7DF127BE353F796B319 ] VideoDownloadConverter_4zService C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
18:20:57.0001 5260  VideoDownloadConverter_4zService - ok
18:20:57.0033 5260  [ 793D9B32A1C462C91F6F70358283AC97 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:20:57.0034 5260  volmgr - ok
18:20:57.0069 5260  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:20:57.0072 5260  volmgrx - ok
18:20:57.0093 5260  [ DE4307412D98050239026E56A7DFF3C0 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:20:57.0097 5260  volsnap - ok
18:20:57.0115 5260  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:20:57.0117 5260  vsmraid - ok
18:20:57.0208 5260  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe
18:20:57.0238 5260  VSS - ok
18:20:57.0307 5260  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll
18:20:57.0312 5260  W32Time - ok
18:20:57.0330 5260  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:20:57.0331 5260  WacomPen - ok
18:20:57.0361 5260  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
18:20:57.0362 5260  Wanarp - ok
18:20:57.0367 5260  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:20:57.0368 5260  Wanarpv6 - ok
18:20:57.0409 5260  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:20:57.0421 5260  wcncsvc - ok
18:20:57.0440 5260  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:20:57.0443 5260  WcsPlugInService - ok
18:20:57.0479 5260  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
18:20:57.0479 5260  Wd - ok
18:20:58.0086 5260  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:20:58.0091 5260  Wdf01000 - ok
18:20:58.0175 5260  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:20:58.0177 5260  WdiServiceHost - ok
18:20:58.0236 5260  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:20:58.0239 5260  WdiSystemHost - ok
18:20:58.0348 5260  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll
18:20:58.0351 5260  WebClient - ok
18:20:58.0399 5260  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:20:58.0405 5260  Wecsvc - ok
18:20:58.0436 5260  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:20:58.0439 5260  wercplsupport - ok
18:20:58.0453 5260  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
18:20:58.0456 5260  WerSvc - ok
18:20:58.0479 5260  WinDefend - ok
18:20:58.0488 5260  WinHttpAutoProxySvc - ok
18:20:58.0597 5260  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:20:58.0599 5260  Winmgmt - ok
18:20:58.0694 5260  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:20:58.0734 5260  WinRM - ok
18:20:58.0816 5260  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:20:58.0822 5260  Wlansvc - ok
18:20:59.0089 5260  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:20:59.0123 5260  wlidsvc - ok
18:20:59.0189 5260  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:20:59.0190 5260  WmiAcpi - ok
18:20:59.0226 5260  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:20:59.0230 5260  wmiApSrv - ok
18:20:59.0350 5260  WMPNetworkSvc - ok
18:20:59.0412 5260  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:20:59.0418 5260  WPCSvc - ok
18:20:59.0501 5260  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:20:59.0503 5260  WPDBusEnum - ok
18:20:59.0554 5260  [ 6329D1990DB931073B86AB5946D8E317 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
18:20:59.0555 5260  WpdUsb - ok
18:21:01.0115 5260  [ 8E344C1B4FE7EDE0E9055405B9987862 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:21:01.0134 5260  WPFFontCache_v0400 - ok
18:21:01.0254 5260  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:21:01.0255 5260  ws2ifsl - ok
18:21:01.0659 5260  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll
18:21:01.0662 5260  wscsvc - ok
18:21:01.0669 5260  WSearch - ok
18:21:03.0266 5260  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:21:03.0632 5260  wuauserv - ok
18:21:03.0713 5260  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:21:03.0714 5260  WudfPf - ok
18:21:03.0806 5260  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:21:03.0807 5260  WUDFRd - ok
18:21:03.0877 5260  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:21:03.0879 5260  wudfsvc - ok
18:21:04.0014 5260  [ 07F7285220307AAFB755D890295F0F9A ] yukonx64        C:\Windows\system32\DRIVERS\yk60x64.sys
18:21:04.0016 5260  yukonx64 - ok
18:21:04.0131 5260  [ 1CACFEF9E5DD866C5B79A135EE729E18 ] {55662437-DA8C-40c0-AADA-2C816A897A49} C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
18:21:04.0133 5260  {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
18:21:04.0138 5260  ================ Scan global ===============================
18:21:04.0281 5260  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
18:21:04.0367 5260  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
18:21:04.0383 5260  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
18:21:04.0435 5260  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
18:21:04.0440 5260  [Global] - ok
18:21:04.0440 5260  ================ Scan MBR ==================================
18:21:04.0453 5260  [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
18:21:07.0596 5260  \Device\Harddisk0\DR0 - ok
18:21:07.0596 5260  ================ Scan VBR ==================================
18:21:07.0600 5260  [ 067CFC6A7A2D9ED19D81831F593A005D ] \Device\Harddisk0\DR0\Partition1
18:21:07.0603 5260  \Device\Harddisk0\DR0\Partition1 - ok
18:21:07.0624 5260  [ 0BF8A4EBB4404E3634CEDAE86AD6143F ] \Device\Harddisk0\DR0\Partition2
18:21:07.0627 5260  \Device\Harddisk0\DR0\Partition2 - ok
18:21:07.0633 5260  ============================================================
18:21:07.0633 5260  Scan finished
18:21:07.0633 5260  ============================================================
18:21:07.0657 4220  Detected object count: 0
18:21:07.0657 4220  Actual detected object count: 0
18:21:48.0032 6108  Deinitialize success


#4 claytonian82

claytonian82
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 22 July 2013 - 06:34 PM

http://speccy.piriform.com/results/t6HPbNwwDMwjxtzQbqjXyh7



#5 claytonian82

claytonian82
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 22 July 2013 - 06:46 PM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by user (administrator) on 22-07-2013 at 18:44:08
Running from "C:\Users\user\Downloads"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/22/2013 06:37:23 PM) (Source: CltMngSvc) (User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)
 
Error: (07/22/2013 06:28:50 PM) (Source: Perflib) (User: )
Description: PolicyAgent
 
Error: (07/22/2013 06:28:50 PM) (Source: Perflib) (User: )
Description: OpenIPSecPerformanceDataC:\Windows\System32\ipsecsvc.dllPolicyAgent8
 
Error: (07/22/2013 06:28:47 PM) (Source: Perflib) (User: )
Description: Outlook
 
Error: (07/22/2013 06:28:47 PM) (Source: Perflib) (User: )
Description: Outlook8
 
Error: (07/22/2013 06:28:44 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll8
 
Error: (07/22/2013 06:28:44 PM) (Source: Perflib) (User: )
Description: ASP.NET_2.0.50727
 
Error: (07/22/2013 06:28:43 PM) (Source: Perflib) (User: )
Description: ASP.NET_2.0.507278
 
Error: (07/22/2013 06:10:20 PM) (Source: Application Error) (User: )
Description: Faulting application IntuitDataProtect.exe, version 1.54.21.4002, time stamp 0x509d9ec9, faulting module dblib11.dll_unloaded, version 0.0.0.0, time stamp 0x4d967692, exception code 0xc0000005, fault offset 0x6516a1d0,
process id 0x11e4, application start time 0xIntuitDataProtect.exe0.
 
Error: (07/22/2013 06:08:22 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
 
 
System errors:
=============
Error: (07/22/2013 06:10:45 PM) (Source: Service Control Manager) (User: )
Description: KtmRm for Distributed Transaction Coordinator
 
Error: (07/22/2013 06:04:51 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service
 
Error: (07/22/2013 06:03:07 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.158 did not allow the name to be claimed by
this computer.
 
Error: (07/22/2013 06:02:52 PM) (Source: Print) (User: NT AUTHORITY)
Description: The attempt to install printer Microsoft XPS Document Writer 6.0.6002.18005 into an offline operating system image failed with Win32 error code 3016 (0xbc8). This can occur if the printer driver requires user input or displays a user interface (UI) during installation.
 
Error: (07/22/2013 06:02:28 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:58:58 PM on 7/22/2013 was unexpected.
 
Error: (07/21/2013 06:42:47 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service
 
Error: (07/21/2013 06:40:28 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.158 did not allow the name to be claimed by
this computer.
 
Error: (07/21/2013 06:40:18 PM) (Source: Print) (User: NT AUTHORITY)
Description: The attempt to install printer Microsoft XPS Document Writer 6.0.6002.18005 into an offline operating system image failed with Win32 error code 3016 (0xbc8). This can occur if the printer driver requires user input or displays a user interface (UI) during installation.
 
Error: (07/21/2013 06:39:51 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:37:10 PM on 7/21/2013 was unexpected.
 
Error: (07/21/2013 06:15:06 PM) (Source: Service Control Manager) (User: )
Description: Windows Update
 
 
Microsoft Office Sessions:
=========================
Error: (02/09/2013 01:53:31 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (10/04/2010 04:27:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (09/24/2010 09:42:18 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4588 seconds with 360 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-07-21 20:54:49.647
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-21 20:54:49.351
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-21 20:54:49.132
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-21 20:54:48.883
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-21 20:54:48.383
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-21 20:54:48.149
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-21 20:54:47.869
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-21 20:54:47.635
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-21 20:54:47.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-21 20:54:47.245
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Agere Systems HDA Modem
Google Chrome (Version: 28.0.1500.72)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Document Manager 1.0 (Version: 1.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP MediaSmart SmartMenu (Version: 2.1.7)
HP Officejet All-In-One Series (Version: 1.0)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Smart Web Printing (Version: 3.5)
HP Solution Center 10.0 (Version: 10.0)
IB Updater Service (Version: 3.0.5.3)
Intel® Graphics Media Accelerator Driver
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
NetDeviceManager64 (Version: 100.0.170.000)
OCR Software by I.R.I.S. 10.0 (Version: 10.0)
ProtectSmart Hard Drive Protection (Version: 3.10.1.7)
Shop for HP Supplies (Version: 10.0)
Speccy (Version: 1.22)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
Windows Driver Package - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (Version: 09/04/2008 2.6.0.0)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 51%
Total physical RAM: 6046.25 MB
Available physical RAM: 2917.01 MB
Total Pagefile: 12209.51 MB
Available Pagefile: 8933.63 MB
Total Virtual: 4095.88 MB
Available Virtual: 3989.27 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:453.18 GB) (Free:311.55 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.58 GB) (Free:1.68 GB) NTFS
3 Drive e: (OJ_J46X0) (CDROM) (Total:0.41 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\USER-PC
 
Administrator            Guest                    user                     
 
 
**** End of log ****


#6 claytonian82

claytonian82
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 22 July 2013 - 06:52 PM

I am running the scan now and will post the results once complete.



#7 claytonian82

claytonian82
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 23 July 2013 - 10:49 PM

C:\Program Files\DomaIQ Uninstaller\DomaIQUninstall.exe probably a variant of MSIL/DomaIQ.A application
C:\Program Files (x86)\Driver Pro\DPSmartScan.exe Win32/Adware.SpeedingUpMyPC.C application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3CJPEG.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3DTACTL.DLL Win32/FunWeb application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HISTSW.DLL Win32/FunWeb application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HKSTUB.DLL Win32/Toolbar.MyWebSearch.G application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HTMLMU.DLL Win32/Toolbar.MyWebSearch.B application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HTTPCT.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3IMSTUB.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3POPSWT.DLL Win32/FunWeb application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3PSSAVR.SCR Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3REGHK.DLL Win32/Toolbar.MyWebSearch.G application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3REPROX.DLL Win32/Toolbar.MyWebSearch.D application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3RESTUB.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SCHMON.EXE Win32/FunWeb application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SCRCTR.DLL Win32/Toolbar.MyWebSearch.P application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3WPHOOK.DLL Win32/FunWeb application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3AUXSTB.DLL Win32/Toolbar.MyWebSearch.H application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3DLGHK.DLL a variant of Win32/Toolbar.MyWebSearch.I application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3HTML.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3IDLE.DLL Win32/Toolbar.MyWebSearch.P application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3IMPIPE.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3MSG.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3OUTLCN.DLL Win32/Toolbar.MyWebSearch.J application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3PLUGIN.DLL a variant of Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SKIN.DLL Win32/Toolbar.MyWebSearch.P application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SKPLAY.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SLSRCH.EXE Win32/Toolbar.MyWebSearch.J application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SRCHMN.EXE Win32/Toolbar.MyWebSearch.I application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3TPINST.DLL a variant of Win32/Toolbar.MyWebSearch.I application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3UNPAT.DLL a variant of Win32/Toolbar.MyWebSearch.I application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSMLBTN.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEPLG.DLL Win32/Toolbar.MyWebSearch.J application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOESTB.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSUABTN.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMYWEBS.DLL Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll a variant of Win32/Conduit.SearchProtect.C application
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe a variant of Win32/Conduit.SearchProtect.B application
C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll a variant of Win32/Conduit.SearchProtect.C application
C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll a variant of Win32/Conduit.SearchProtect.C application
C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll probably a variant of Win32/Conduit.SearchProtect.C application
C:\Program Files (x86)\SearchProtect\ffprotect\application.js Win32/Conduit.SearchProtect.A application
C:\Program Files (x86)\SearchProtect\ffprotect\nsprotector.js Win32/Conduit.SearchProtect.A application
C:\Program Files (x86)\Supreme Savings\Supreme Savings.dll a variant of Win32/Toolbar.CrossRider.A application
C:\Program Files (x86)\Supreme Savings\Uninstall.exe multiple threats
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zdatact.dll a variant of Win32/Toolbar.MyWebSearch.A application
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zhtmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zieovr.dll probably a variant of Win32/Toolbar.MyWebSearch.P application
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zPlugin.dll probably a variant of Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zskin.dll a variant of Win32/Toolbar.MyWebSearch.P application
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8HTML.DLL probably a variant of Win32/Toolbar.MyWebSearch.F application
C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\4zEIPlug.dll Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\4zEZSETP.dll a variant of Win32/Toolbar.MyWebSearch.Q application
C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISb.dll Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application
C:\Program Files (x86)\Windows Live\Messenger\riched20.dll Win32/Toolbar.MyWebSearch application
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\user\AppData\Local\getsavin\ie\getsavin_1374535801.dll a variant of Win32/Adware.CouponAmazing.A application
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G6XZET9X\installer-silent[1].exe a variant of Win32/Adware.CouponAmazing.A application
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1GPI0IA\SPSetup[1].exe multiple threats
C:\Users\user\AppData\Local\Temp\hsbing_717_active.exe multiple threats
C:\Users\user\AppData\Local\Temp\SecondStepInstaller.exe multiple threats
C:\Users\user\AppData\Local\Temp\Shortcut_SweetIPacks.exe probably a variant of Win32/SweetIM.C application
C:\Users\user\AppData\Local\Temp\DIQ\FlashPlayer_187\OfferBrokerage_14003.exe a variant of Win32/InstallIQ.A application
C:\Users\user\AppData\Local\Temp\DIQ\FlashPlayer_187\setup__120.exe a variant of Win32/Amonetize.D application
C:\Users\user\AppData\Local\Temp\DIQ\FlashPlayer_187\software\FlashPlayer.exe Win32/DomaIQ.M application
C:\Users\user\AppData\Local\Temp\DIQ\FlashPlayer_187\software\Setup__120_i9253105.exe a variant of Win32/Amonetize.D application
C:\Users\user\AppData\Local\Temp\DM\nYiz1z1caJ61m42\OfferBrokerage_14003.exe a variant of Win32/InstallIQ.A application
C:\Users\user\AppData\Local\Temp\DM\nYiz1z1caJ61m42\setup__120.exe a variant of Win32/Amonetize.D application
C:\Users\user\AppData\Local\Temp\DM\nYiz1z1caJ61m42\software\FlashPlayer.exe Win32/DomaIQ.M application
C:\Users\user\AppData\Local\Temp\DM\nYiz1z1caJ61m42\software\Mixi Dj.exe Win32/OutBrowse.C application
C:\Users\user\AppData\Local\Temp\DM\nYiz1z1caJ61m42\software\speedupmypc.exe Win32/SpeedUpMyPC application
C:\Users\user\AppData\Local\Temp\Doma\FlashPlayer_151\OfferBrokerage_14003.exe a variant of Win32/InstallIQ.A application
C:\Users\user\AppData\Local\Temp\Doma\FlashPlayer_151\setup__120.exe a variant of Win32/Amonetize.D application
C:\Users\user\AppData\Local\Temp\Doma\FlashPlayer_151\setup__1473.exe Win32/Amonetize.A.Gen application
C:\Users\user\AppData\Local\Temp\Doma\FlashPlayer_151\software\OptimizerPro.exe a variant of Win32/SpeedingUpMyPC.B application
C:\Users\user\AppData\Local\Temp\Doma\FlashPlayer_151\software\Strongvault.exe a variant of MSIL/Adware.StrongVault.A application
C:\Users\user\AppData\Local\Temp\Doma\FlashPlayer_151\software\SweetIPacks.exe probably a variant of Win32/SweetIM.C application
C:\Users\user\AppData\Local\Updater19962\Updater19962.exe a variant of Win32/Toolbar.CrossRider.C application
C:\Users\user\AppData\LocalLow\VideoDownloadConverter_4zEI\Installr\Cache\0FA439F5.exe a variant of Win32/Toolbar.MyWebSearch.O application
C:\Users\user\AppData\Roaming\SearchProtect\bin\ChromeModule.dll a variant of Win32/Conduit.SearchProtect.C application
C:\Users\user\AppData\Roaming\SearchProtect\bin\cltmng.exe a variant of Win32/Conduit.SearchProtect.B application
C:\Users\user\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll a variant of Win32/Conduit.SearchProtect.C application
C:\Users\user\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll a variant of Win32/Conduit.SearchProtect.C application
C:\Users\user\AppData\Roaming\SearchProtect\bin\SPHook32.dll probably a variant of Win32/Conduit.SearchProtect.C application
C:\Users\user\AppData\Roaming\SearchProtect\ffprotect\application.js Win32/Conduit.SearchProtect.A application
C:\Users\user\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js Win32/Conduit.SearchProtect.A application
C:\Users\user\Downloads\Avery Wizard 4.0.0.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\user\Downloads\Avery Wizard 4.01 - US 20111209 (1).exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\user\Downloads\Avery Wizard 4.01 - US 20111209.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\user\Downloads\setup.exe a variant of Win32/Adware.iBryte.G application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M5M8VNOQ\update[1] multiple threats
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHXXFROW\update[1] multiple threats
C:\Windows\System32\jmdp\SweetNT.crx Win32/SweetIM.E application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M5M8VNOQ\update[1] multiple threats
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHXXFROW\update[1] multiple threats
C:\Windows\SysWOW64\jmdp\SweetNT.crx Win32/SweetIM.E application
C:\Windows\Temp\DriverPro.exe Win32/Adware.SpeedingUpMyPC.C application
C:\Windows\Temp\Optimizer_Pro.exe multiple threats
C:\Windows\Temp\INJ001\ExtensionUpdate.exe multiple threats
C:\Windows\Temp\INJ002\ExtensionUpdate.exe multiple threats
Operating memory multiple threats


#8 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 PM

Posted 24 July 2013 - 03:31 AM

:idea: So many things were found.
 
:step1: Go to Start > Control panel > Add/remove programs
 
Remove the following software:
 
MyWebSearch
Driver Pro
SearchProtect
Windows Live (Messenger) <== If you don't use it anymore
 
:step2: Go to
 
C:\Users\user\Downloads\
 
And remove these by deleting them:
 
C:\Users\user\Downloads\Avery Wizard 4.0.0.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\user\Downloads\Avery Wizard 4.01 - US 20111209 (1).exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\user\Downloads\Avery Wizard 4.01 - US 20111209.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\user\Downloads\setup.exe a variant of Win32/Adware.iBryte.G application
 
:step3: Download TFC from the download link above and save the file on your desktop.
 
Note 1: Depending on how much data is currently stored in the Temp folders, this process can take quite a while to remove all of the files, so please be patient.
 
Note 2: This program will not delete your Cookies or Browser History.
 
  • Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
  • Double-click on the TFC icon.
  • When the program starts, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
  • When done, press OK to reboot your computer and finish the cleanup.

 

The program normally force a reboot.

 

:step4: Install and run MBAM then update MBAM.
 

     
     Post the log of MBAM in your next reply.


Edited by GodfatherKing, 24 July 2013 - 03:33 AM.

If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#9 claytonian82

claytonian82
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 24 July 2013 - 06:03 PM

When attempting to uninstall MyWebSearch I received the following error: "Error loading c:\progra~2\MYWEBS~1\bar\2.bin\mwsbar.ddll The specified module could not be found."  I successfully uninstalled the other programs and deleted the files you specified.  I have not moved onto step 3 and will wait further instruction.



#10 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 PM

Posted 25 July 2013 - 04:01 AM

You may proceed, we'll deal later with the MyWebSearch.


If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#11 claytonian82

claytonian82
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 26 July 2013 - 07:09 AM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.21.07

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
user :: USER-PC [administrator]

7/25/2013 8:30:01 PM
mbam-log-2013-07-25 (20-30-01).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 428491
Time elapsed: 2 hour(s), 27 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#12 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 PM

Posted 26 July 2013 - 07:15 AM

That's looking all good.  :thumbup2:

 

Now let's deal with MyWebSearch and Adobe Reader issue.

 

:step1: Install RevoUninstaller

Note: If Adobe Reader doesn't like to be removed, try from Safe mode.


If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#13 claytonian82

claytonian82
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 26 July 2013 - 07:46 AM

I still received the same error about Error loading c:\progra~2\MYWEBS~1\bar\2.bin\mwsbar.ddll The specified module could not be found.



#14 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 PM

Posted 26 July 2013 - 07:53 AM

Did you try to remove it with RevoUninstaller and that doesn't succeed? 

 

Open cmd (Go to start into the searchbox enter cmd, but run it as Administrator) 

 

In the commandprompt enter:

 

cd c:\progra~2\MYWEBS~1\bar\2.bin\

dir > info.txt

start info.txt

 

If that doesn't work, repeat the commands but replace cd c:\progra~2\MYWEBS~1\bar\2.bin\ with  cd c:\progra~2\MYWEBS~1\

 

Notepad will open with content, post the content.


If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#15 claytonian82

claytonian82
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 26 July 2013 - 08:12 AM

Also, when I went to redownload adobe reader, pretty certain it is being hijacked.  some unknown setup.exe was being downloaded instead.  I downloaded a copy from a mac and got the non hijacked version installed but I haven't tested it yet.  Off to work now






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users