Possible virus/malware issue


23 replies to this topic

#1 Alfran


Posted 13 August 2013 - 09:39 AM

Hello,

I've been receiving help with my own personal computer in another forum here, and I'm doing this on behalf of a family member who is not very technologically inclined.  Their (this) computer has been running slowly; I come back from school for the summer and find the homepage set to Conduit, he has Babylon toolbar, Defaulttab, Lesstab, and all sorts of nonsense on there from not being careful when downloading/clicking.  So, I searched around and looked for some basic things I could do on this site for general scanning.  There is a 4 step process somewhere on here that involved getting a professional antivirus, using trendmicro/Drsomething scanner, Malwarebytes/superantispyware, and then posting DDS logs here.

 

I ran the installed, purchased copy of Norton our computers have, which found nothing as I expected (it usually doesn't). I tried to run Trend Micro; he came home and closed it after 3 hours. I ran Malwarebytes; Malwarebytes found 156 entries, and I had it delete them all. On reboot, it stayed on the BIOS screen for about 3-4 minutes, then shut off. I restarted and ran SUPERAntiSpyware overnight; it found 500+ entries, and I had it delete them all. I restarted with the same results at the BIOS screen. Subsequent restarts led to immediate shutdown on the BIOS screen. I had a flash drive plugged in that I installed the scan software from, which also has an AVG preboot virus scan. I quickly got into the BIOS setup and switched the boot order to not boot from USB; the computer then shut off on its own. I had to do it again and quickly save changes. After that I got into Windows, and it hung on the desktop during startup for 15 minutes, so I restarted by power button. I tried to run Malwarebytes in Safe Mode, and it shut down mid-scan. I had to run a system restore to pre-scan times to get it to boot properly. Now, I'm here.

I don't know exactly what happened, but I know something is wrong.  The computer runs fairly slowly, not at a standstill but slower than it should be.  That was the initial problem.  Now, the problem is that I've tried to do some general scans which seem to worsen the problem, leading me to believe that there is something deeper than just some spyware.  Any assistance would be greatly appreciated.

Thank you,

Alfran


Edited by Alfran, 13 August 2013 - 11:33 AM.




#2 boopme


Posted 13 August 2013 - 02:16 PM

Hello Alfran
Let's see how it is after these.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections, it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Alfran


Posted 13 August 2013 - 04:54 PM

Well, everything was fine until I got to AdwCleaner.  After the restart, the computer will not make it past the initial BIOS loading screen.  I would normally do a system restore as I did before unless you'd like me to do something else.  If not, let me know, and I'll do the restore, run ESET, and post the logs.



#4 boopme


Posted 13 August 2013 - 09:20 PM

Well, looks like the restore is needed.

#5 Alfran


Posted 13 August 2013 - 10:13 PM

Ok, ran system restore, running ESET, here's the logs:

  • MiniToolBox
MiniToolBox by Farbar  Version: 13-07-2013
Ran by Nick (administrator) on 13-08-2013 at 17:00:42
Running from "C:\Users\Nick\Desktop\Computer Tools"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
::1             localhost
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Atheros AR5B91 Wireless Network Adapter = Wireless Network Connection 2 (Connected)
Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Nick-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR5B91 Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-23-4E-7A-CB-D0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::cc17:6923:3078:59b5%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.13(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, August 13, 2013 10:13:47 AM
   Lease Expires . . . . . . . . . . : Tuesday, August 13, 2013 5:44:01 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 301998926
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-63-73-2C-00-1E-EC-D7-66-08
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-1E-EC-D7-66-08
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 7:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{B3922EC2-3263-418E-A732-44CEBC455E44}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{C966F92B-F884-40CE-8096-7E5FAFC26918}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  209.18.47.61
 
Name:    google.com
Addresses:  2607:f8b0:4004:803::1005
 74.125.228.98
 74.125.228.99
 74.125.228.100
 74.125.228.101
 74.125.228.102
 74.125.228.103
 74.125.228.104
 74.125.228.105
 74.125.228.110
 74.125.228.96
 74.125.228.97
 
 
 
Pinging google.com [74.125.228.9] with 32 bytes of data:
 
Reply from 74.125.228.9: bytes=32 time=49ms TTL=50
 
Reply from 74.125.228.9: bytes=32 time=52ms TTL=50
 
 
 
Ping statistics for 74.125.228.9:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 49ms, Maximum = 52ms, Average = 50ms
 
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=106ms TTL=50
 
Reply from 206.190.36.45: bytes=32 time=102ms TTL=50
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 102ms, Maximum = 106ms, Average = 104ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time=27ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time=7ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 7ms, Maximum = 27ms, Average = 17ms
 
===========================================================================
Interface List
 11 ...00 23 4e 7a cb d0 ...... Atheros AR5B91 Wireless Network Adapter
 10 ...00 1e ec d7 66 08 ...... Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
  1 ........................... Software Loopback Interface 1
 13 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter #2
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 15 ...00 00 00 00 00 00 00 e0  isatap.{B3922EC2-3263-418E-A732-44CEBC455E44}
 14 ...00 00 00 00 00 00 00 e0  isatap.{C966F92B-F884-40CE-8096-7E5FAFC26918}
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.13     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.13    281
     192.168.0.13  255.255.255.255         On-link      192.168.0.13    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.13    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.13    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.13    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    281 fe80::/64                On-link
 11    281 fe80::cc17:6923:3078:59b5/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/13/2013 10:14:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/13/2013 09:51:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/13/2013 09:49:51 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (08/13/2013 09:28:10 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/13/2013 02:36:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/12/2013 09:09:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/12/2013 03:07:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/12/2013 01:47:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/12/2013 08:12:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/12/2013 08:12:19 AM) (Source: Application Error) (User: )
Description: Faulting application DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, faulting module DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, exception code 0xc0000005, fault offset 0x00002c60,
process id 0x89c, application start time 0xDefaultTabSearch.exe0.
 
 
System errors:
=============
Error: (08/13/2013 10:17:55 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_01401025&REV_00\4&1f1c355f&0&04E4) disappeared from the system without first being prepared for removal.
 
Error: (08/13/2013 10:17:55 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_01401025&REV_00\4&1f1c355f&0&03E4) disappeared from the system without first being prepared for removal.
 
Error: (08/13/2013 10:17:55 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_01401025&REV_00\4&1f1c355f&0&02E4) disappeared from the system without first being prepared for removal.
 
Error: (08/13/2013 10:17:55 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_01401025&REV_00\4&1f1c355f&0&00E4) disappeared from the system without first being prepared for removal.
 
Error: (08/13/2013 10:13:44 AM) (Source: Microsoft-Windows-ResourcePublication) (User: NT AUTHORITY)
Description: Provider\Microsoft.Base.Publication/Publication/Computer
 
Error: (08/13/2013 10:13:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: C:\Windows\system32\athihvs.dll126
 
Error: (08/13/2013 09:51:07 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
 
Error: (08/13/2013 09:51:07 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
 
Error: (08/13/2013 09:51:07 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
 
Error: (08/13/2013 09:51:07 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (08/13/2013 10:14:03 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/13/2013 09:51:07 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/13/2013 09:49:51 AM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (08/13/2013 09:28:10 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/13/2013 02:36:42 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/12/2013 09:09:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/12/2013 03:07:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/12/2013 01:47:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/12/2013 08:12:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/12/2013 08:12:19 AM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.0511246e7DefaultTabSearch.exe0.0.0.0511246e7c000000500002c6089c01ce97552fe20714
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-08-13 16:26:25.583
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-13 16:26:25.193
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-13 16:26:24.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-13 16:26:24.507
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-13 16:26:24.164
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-13 16:26:23.805
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-13 16:26:19.749
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-13 16:26:19.406
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-13 16:26:19.047
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-13 16:26:18.704
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
1-2-3 Word Search Maker
31!
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212)
Acer Arcade Deluxe (Version: 2.0.5529)
Acer eDataSecurity Management (Version: 3.0.3065)
Acer Empowering Technology (Version: 3.0.3009)
Acer ePower Management (Version: 3.0.3014)
Acer eRecovery Management (Version: 3.0.3014)
Acer eSettings Management (Version: 3.0.3007)
Acer GridVista (Version: 2.72.317)
Acer Mobility Center Plug-In (Version: 3.0.3000)
Acer Registration
Acer ScreenSaver (Version: 1.11.0506)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Photoshop Elements 2.0 (Version: 2.0)
Adobe Reader 9.5.4 (Version: 9.5.4)
Agere Systems HDA Modem
ALPS Touch Pad Driver (Version: Version 7.0.1101.18)
American Greetings® Art & More Store
AOL Mail Toolbar
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Babylon toolbar  (Version: 1.8.7.2)
Black Jack Fever Special Edition
Boggle
Bowling Mania Special Edition
BrowserProtect
CassetteMate
Castle Camelot
Collector's Edition 251
Coupon Printer for Windows (Version: 5.0.0.3)
Crossword Weaver 5.0
CyberLink PowerDirector (Version: 6.5.3023)
DefaultTab (Version: 2.2.3.0)
Download Updater (AOL LLC)
Epson Connect
Epson Customer Participation (Version: 1.0.0.0)
Epson Download Navigator (Version: 1.0.1)
Epson Event Manager (Version: 2.50.0001)
Epson FAX Utility (Version: 1.20.00)
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 845 Series Printer Uninstall
EpsonNet Print (Version: 2.4j)
GameSpy Arcade
Google Chrome (Version: 28.0.1500.95)
Google Desktop (Version: 5.7.0808.07150)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.153)
Hearts
iLivid (Version: 4.0.0.2624)
Intel® Graphics Media Accelerator Driver
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Jigsaw USA Special Edition
JMicron JMB38X Flash Media Controller (Version: 1.00.14.03)
Just Aces
Krazy 8's
Launch Manager
Lexicon Special Edition
LightScribe  1.4.142.1 (Version: 1.4.142.1)
LTCM Client (Version: 1.20.3792)
Mahjongg Master 4
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Micrografx Windows Draw 6 LE
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office XP Media Content (Version: 10.0.2619.0)
Microsoft Office XP Small Business (Version: 10.0.2627.01)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Web Publishing Wizard 1.52
Microsoft Word 2000 SR-1 (Version: 9.00.3821)
Microsoft Works (Version: 08.05.0818)
Mini Golf Master 2 Special Edition
Moraff's Maximum MahJongg
Mozilla Firefox 23.0 (x86 en-US) (Version: 23.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Bootable Recovery Tool Wizard (Version: 5.1.0.26)
Norton Internet Security (Version: 20.4.0.40)
NTI Backup Now 5 (Version: 5.1.2.606)
NTI Backup Now Standard (Version: 5.1.2.606)
NTI Media Maker 8 (Version: 8.0.2.6329)
PhotoNow! (Version: 1.1.4619)
PrintMaster 7.00
PrivitizeVPN (Version: 1.0.0)
QuickTime (Version: 7.71.80.42)
Quik 21
RahJongg- The Curse of Ra Special Edition
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5648)
RealUpgrade 1.1 (Version: 1.1.0)
Registry Mechanic 10.0 (Version: 10.0)
Rifle Range
Scrabble Complete
Serif DrawPlus 3.0
SimCity 2000® Special Edition
SimCity 3000
Skype Click to Call (Version: 6.10.13089)
Skype™ 5.10 (Version: 5.10.116)
Solitaire Master 3 Special Edition 1
Solitaire Master 3 Special Edition 2
Space Solitaire
SUPERAntiSpyware (Version: 5.6.1020)
The Holy Bible v2.0
Tiks Texas Hold em
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 62%
Total physical RAM: 1977.27 MB
Available physical RAM: 750.54 MB
Total Pagefile: 4199.81 MB
Available Pagefile: 2424.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1929.32 MB
 
========================= Partitions: =====================================
 
1 Drive c: (ACER) (Fixed) (Total:111.44 GB) (Free:45.84 GB) NTFS
2 Drive d: () (Fixed) (Total:111.44 GB) (Free:60.99 GB) NTFS
4 Drive f: (PENDRIVE) (Removable) (Total:1.89 GB) (Free:1.35 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\NICK-PC
 
Administrator            Guest                    Nick                     
 
 
**** End of log ****
 
  • TDSSKiller Log
17:02:24.0523 2628  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
17:02:26.0536 2628  ============================================================
17:02:26.0536 2628  Current date / time: 2013/08/13 17:02:26.0536
17:02:26.0536 2628  SystemInfo:
17:02:26.0536 2628  
17:02:26.0536 2628  OS Version: 6.0.6002 ServicePack: 2.0
17:02:26.0536 2628  Product type: Workstation
17:02:26.0536 2628  ComputerName: NICK-PC
17:02:26.0536 2628  UserName: Nick
17:02:26.0536 2628  Windows directory: C:\Windows
17:02:26.0536 2628  System windows directory: C:\Windows
17:02:26.0536 2628  Processor architecture: Intel x86
17:02:26.0536 2628  Number of processors: 2
17:02:26.0536 2628  Page size: 0x1000
17:02:26.0536 2628  Boot type: Normal boot
17:02:26.0536 2628  ============================================================
17:02:30.0358 2628  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:02:30.0389 2628  Drive \Device\Harddisk1\DR1 - Size: 0x79800000 (1.90 Gb), SectorSize: 0x200, Cylinders: 0xF7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:02:30.0389 2628  ============================================================
17:02:30.0389 2628  \Device\Harddisk0\DR0:
17:02:30.0389 2628  MBR partitions:
17:02:30.0389 2628  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1402800, BlocksNum 0xDEE2000
17:02:30.0389 2628  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF2E4800, BlocksNum 0xDEE0800
17:02:30.0389 2628  \Device\Harddisk1\DR1:
17:02:30.0389 2628  MBR partitions:
17:02:30.0389 2628  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x40, BlocksNum 0x3CBFC0
17:02:30.0389 2628  ============================================================
17:02:30.0451 2628  C: <-> \Device\Harddisk0\DR0\Partition1
17:02:30.0498 2628  D: <-> \Device\Harddisk0\DR0\Partition2
17:02:30.0498 2628  ============================================================
17:02:30.0498 2628  Initialize success
17:02:30.0498 2628  ============================================================
17:03:03.0040 4576  ============================================================
17:03:03.0040 4576  Scan started
17:03:03.0040 4576  Mode: Manual; TDLFS; 
17:03:03.0040 4576  ============================================================
17:03:03.0477 4576  ================ Scan system memory ========================
17:03:03.0477 4576  System memory - ok
17:03:03.0477 4576  ================ Scan services =============================
17:03:03.0570 4576  [ 9EBE730D4B5E3FF25EAAF5A59BA6CCFF ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
17:03:03.0570 4576  !SASCORE - ok
17:03:03.0711 4576  [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
17:03:03.0726 4576  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
17:03:03.0960 4576  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
17:03:03.0960 4576  ACPI - ok
17:03:04.0023 4576  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:03:04.0023 4576  AdobeFlashPlayerUpdateSvc - ok
17:03:04.0069 4576  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:03:04.0069 4576  adp94xx - ok
17:03:04.0101 4576  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:03:04.0101 4576  adpahci - ok
17:03:04.0132 4576  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
17:03:04.0132 4576  adpu160m - ok
17:03:04.0163 4576  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:03:04.0163 4576  adpu320 - ok
17:03:04.0210 4576  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:03:04.0210 4576  AeLookupSvc - ok
17:03:04.0272 4576  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
17:03:04.0272 4576  AFD - ok
17:03:04.0303 4576  [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
17:03:04.0303 4576  AgereModemAudio - ok
17:03:04.0381 4576  [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
17:03:04.0397 4576  AgereSoftModem - ok
17:03:04.0428 4576  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:03:04.0428 4576  agp440 - ok
17:03:04.0459 4576  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
17:03:04.0475 4576  aic78xx - ok
17:03:04.0491 4576  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
17:03:04.0491 4576  ALG - ok
17:03:04.0506 4576  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:03:04.0506 4576  aliide - ok
17:03:04.0537 4576  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
17:03:04.0537 4576  amdagp - ok
17:03:04.0553 4576  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:03:04.0553 4576  amdide - ok
17:03:04.0569 4576  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
17:03:04.0569 4576  AmdK7 - ok
17:03:04.0600 4576  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:03:04.0600 4576  AmdK8 - ok
17:03:04.0662 4576  [ 0ED1A5B7A8AE5939A92EA1EC39E16D21 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
17:03:04.0662 4576  ApfiltrService - ok
17:03:04.0709 4576  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
17:03:04.0709 4576  Appinfo - ok
17:03:04.0740 4576  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
17:03:04.0740 4576  arc - ok
17:03:04.0771 4576  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:03:04.0787 4576  arcsas - ok
17:03:04.0803 4576  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:03:04.0803 4576  AsyncMac - ok
17:03:04.0849 4576  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:03:04.0849 4576  atapi - ok
17:03:04.0912 4576  [ 99D78248BFD454BFA9B5BEC37350FADE ] athr            C:\Windows\system32\DRIVERS\athr.sys
17:03:04.0943 4576  athr - ok
17:03:04.0990 4576  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:03:05.0005 4576  AudioEndpointBuilder - ok
17:03:05.0021 4576  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:03:05.0021 4576  Audiosrv - ok
17:03:05.0099 4576  [ E22ABCAA7B6FF580FEB0D49545DC4263 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
17:03:05.0130 4576  BCM43XX - ok
17:03:05.0161 4576  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:03:05.0161 4576  Beep - ok
17:03:05.0224 4576  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
17:03:05.0224 4576  BFE - ok
17:03:05.0364 4576  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx86.sys
17:03:05.0395 4576  BHDrvx86 - ok
17:03:05.0458 4576  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
17:03:05.0473 4576  BITS - ok
17:03:05.0505 4576  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
17:03:05.0505 4576  blbdrive - ok
17:03:05.0536 4576  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:03:05.0536 4576  bowser - ok
17:03:05.0567 4576  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
17:03:05.0567 4576  BrFiltLo - ok
17:03:05.0598 4576  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
17:03:05.0598 4576  BrFiltUp - ok
17:03:05.0645 4576  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
17:03:05.0645 4576  Browser - ok
17:03:05.0676 4576  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
17:03:05.0692 4576  Brserid - ok
17:03:05.0707 4576  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
17:03:05.0707 4576  BrSerWdm - ok
17:03:05.0723 4576  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
17:03:05.0723 4576  BrUsbMdm - ok
17:03:05.0739 4576  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
17:03:05.0739 4576  BrUsbSer - ok
17:03:05.0770 4576  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:03:05.0770 4576  BTHMODEM - ok
17:03:05.0817 4576  [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc     C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
17:03:05.0832 4576  BUNAgentSvc - ok
17:03:05.0926 4576  [ 3BEE52611F22C9C0023A98A4425E084F ] ccSet_NIS       C:\Windows\system32\drivers\NIS\1404000.028\ccSetx86.sys
17:03:05.0941 4576  ccSet_NIS - ok
17:03:06.0004 4576  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:03:06.0004 4576  cdfs - ok
17:03:06.0066 4576  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:03:06.0066 4576  cdrom - ok
17:03:06.0129 4576  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:03:06.0129 4576  CertPropSvc - ok
17:03:06.0175 4576  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
17:03:06.0175 4576  circlass - ok
17:03:06.0222 4576  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
17:03:06.0222 4576  CLFS - ok
17:03:06.0347 4576  [ 5CA9B1062C0C3E3AE19C23AD9D8A5048 ] CLHNService     C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
17:03:06.0347 4576  CLHNService - ok
17:03:06.0394 4576  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:03:06.0409 4576  clr_optimization_v2.0.50727_32 - ok
17:03:06.0487 4576  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:03:06.0503 4576  clr_optimization_v4.0.30319_32 - ok
17:03:06.0534 4576  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:03:06.0534 4576  CmBatt - ok
17:03:06.0581 4576  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:03:06.0581 4576  cmdide - ok
17:03:06.0597 4576  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:03:06.0597 4576  Compbatt - ok
17:03:06.0612 4576  COMSysApp - ok
17:03:06.0628 4576  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
17:03:06.0628 4576  crcdisk - ok
17:03:06.0659 4576  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
17:03:06.0659 4576  Crusoe - ok
17:03:06.0690 4576  [ 3EDE4C1F9672C972479201544969ADCB ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:03:06.0706 4576  CryptSvc - ok
17:03:06.0784 4576  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:03:06.0799 4576  DcomLaunch - ok
17:03:06.0831 4576  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:03:06.0831 4576  DfsC - ok
17:03:06.0924 4576  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
17:03:06.0987 4576  DFSR - ok
17:03:07.0049 4576  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
17:03:07.0049 4576  Dhcp - ok
17:03:07.0111 4576  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
17:03:07.0111 4576  disk - ok
17:03:07.0158 4576  [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
17:03:07.0158 4576  DKbFltr - ok
17:03:07.0205 4576  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:03:07.0205 4576  Dnscache - ok
17:03:07.0252 4576  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:03:07.0252 4576  dot3svc - ok
17:03:07.0283 4576  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
17:03:07.0299 4576  DPS - ok
17:03:07.0361 4576  [ 5C918D413F5837E67A85775C9873775E ] DritekPortIO    C:\PROGRA~1\LAUNCH~1\DPortIO.sys
17:03:07.0361 4576  DritekPortIO - ok
17:03:07.0392 4576  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:03:07.0392 4576  drmkaud - ok
17:03:07.0439 4576  [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:03:07.0470 4576  DXGKrnl - ok
17:03:07.0501 4576  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
17:03:07.0517 4576  E1G60 - ok
17:03:07.0548 4576  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
17:03:07.0548 4576  EapHost - ok
17:03:07.0595 4576  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
17:03:07.0595 4576  Ecache - ok
17:03:07.0689 4576  [ B1F2503E23425B386DF0F3413B2596F3 ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
17:03:07.0704 4576  eDataSecurity Service - ok
17:03:07.0767 4576  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
17:03:07.0782 4576  eeCtrl - ok
17:03:07.0845 4576  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:03:07.0845 4576  ehRecvr - ok
17:03:07.0860 4576  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
17:03:07.0876 4576  ehSched - ok
17:03:07.0891 4576  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
17:03:07.0891 4576  ehstart - ok
17:03:07.0938 4576  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
17:03:07.0954 4576  elxstor - ok
17:03:08.0016 4576  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
17:03:08.0032 4576  EMDMgmt - ok
17:03:08.0110 4576  [ B78436CA173FF723A1EACE5CD4900375 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
17:03:08.0110 4576  EpsonCustomerParticipation - ok
17:03:08.0172 4576  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:03:08.0172 4576  EraserUtilRebootDrv - ok
17:03:08.0203 4576  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:03:08.0203 4576  ErrDev - ok
17:03:08.0250 4576  [ 27D2754314D12EB27D81D462FD0D86C0 ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
17:03:08.0250 4576  ETService - ok
17:03:08.0297 4576  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
17:03:08.0313 4576  EventSystem - ok
17:03:08.0359 4576  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
17:03:08.0359 4576  exfat - ok
17:03:08.0391 4576  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:03:08.0391 4576  fastfat - ok
17:03:08.0422 4576  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:03:08.0437 4576  fdc - ok
17:03:08.0469 4576  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:03:08.0469 4576  fdPHost - ok
17:03:08.0484 4576  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:03:08.0484 4576  FDResPub - ok
17:03:08.0515 4576  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:03:08.0515 4576  FileInfo - ok
17:03:08.0531 4576  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:03:08.0531 4576  Filetrace - ok
17:03:08.0562 4576  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:03:08.0562 4576  flpydisk - ok
17:03:08.0593 4576  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:03:08.0593 4576  FltMgr - ok
17:03:08.0671 4576  [ 119ACA7CADCA75BEA6B38E999443BAA6 ] FontCache       C:\Windows\system32\FntCache.dll
17:03:08.0671 4576  FontCache - ok
17:03:08.0734 4576  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:03:08.0734 4576  FontCache3.0.0.0 - ok
17:03:08.0765 4576  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:03:08.0781 4576  Fs_Rec - ok
17:03:08.0796 4576  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:03:08.0796 4576  gagp30kx - ok
17:03:08.0827 4576  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:03:08.0827 4576  GEARAspiWDM - ok
17:03:08.0905 4576  [ 6FD7F370817F16B5E1F08B91BADAA2EE ] GoogleDesktopManager-080708-050100 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
17:03:08.0905 4576  GoogleDesktopManager-080708-050100 - ok
17:03:08.0983 4576  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:03:08.0983 4576  gpsvc - ok
17:03:09.0061 4576  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
17:03:09.0061 4576  gupdate - ok
17:03:09.0077 4576  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
17:03:09.0077 4576  gupdatem - ok
17:03:09.0124 4576  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:03:09.0155 4576  gusvc - ok
17:03:09.0186 4576  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:03:09.0202 4576  HdAudAddService - ok
17:03:09.0249 4576  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:03:09.0264 4576  HDAudBus - ok
17:03:09.0295 4576  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:03:09.0295 4576  HidBth - ok
17:03:09.0327 4576  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
17:03:09.0327 4576  HidIr - ok
17:03:09.0358 4576  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
17:03:09.0373 4576  hidserv - ok
17:03:09.0405 4576  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:03:09.0420 4576  HidUsb - ok
17:03:09.0451 4576  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:03:09.0467 4576  hkmsvc - ok
17:03:09.0483 4576  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
17:03:09.0483 4576  HpCISSs - ok
17:03:09.0529 4576  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:03:09.0545 4576  HTTP - ok
17:03:09.0576 4576  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
17:03:09.0576 4576  i2omp - ok
17:03:09.0607 4576  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:03:09.0623 4576  i8042prt - ok
17:03:09.0639 4576  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
17:03:09.0654 4576  iaStorV - ok
17:03:09.0732 4576  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:03:09.0748 4576  idsvc - ok
17:03:09.0841 4576  [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130810.001\IDSvix86.sys
17:03:09.0857 4576  IDSVix86 - ok
17:03:10.0185 4576  [ DCE0B53570703CCE580D066F89EF58CD ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
17:03:10.0450 4576  igfx - ok
17:03:10.0481 4576  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:03:10.0481 4576  iirsp - ok
17:03:10.0528 4576  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
17:03:10.0528 4576  IKEEXT - ok
17:03:10.0559 4576  [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15           C:\Windows\system32\drivers\int15.sys
17:03:10.0559 4576  int15 - ok
17:03:10.0668 4576  [ CF2219A2FED4F8F2E0817A2BF1658799 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:03:10.0731 4576  IntcAzAudAddService - ok
17:03:10.0762 4576  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:03:10.0777 4576  intelide - ok
17:03:10.0809 4576  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:03:10.0809 4576  intelppm - ok
17:03:10.0840 4576  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:03:10.0855 4576  IPBusEnum - ok
17:03:10.0871 4576  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:03:10.0871 4576  IpFilterDriver - ok
17:03:10.0918 4576  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:03:10.0933 4576  iphlpsvc - ok
17:03:10.0933 4576  IpInIp - ok
17:03:10.0949 4576  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
17:03:10.0965 4576  IPMIDRV - ok
17:03:10.0996 4576  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
17:03:10.0996 4576  IPNAT - ok
17:03:11.0011 4576  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:03:11.0011 4576  IRENUM - ok
17:03:11.0043 4576  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:03:11.0043 4576  isapnp - ok
17:03:11.0105 4576  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
17:03:11.0105 4576  iScsiPrt - ok
17:03:11.0121 4576  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
17:03:11.0121 4576  iteatapi - ok
17:03:11.0152 4576  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
17:03:11.0152 4576  iteraid - ok
17:03:11.0183 4576  [ FA4A5B32CAE6074205B26971191EFEE4 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
17:03:11.0183 4576  JMCR - ok
17:03:11.0214 4576  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:03:11.0214 4576  kbdclass - ok
17:03:11.0245 4576  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:03:11.0245 4576  kbdhid - ok
17:03:11.0277 4576  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
17:03:11.0292 4576  KeyIso - ok
17:03:11.0339 4576  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:03:11.0339 4576  KSecDD - ok
17:03:11.0386 4576  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:03:11.0401 4576  KtmRm - ok
17:03:11.0433 4576  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:03:11.0448 4576  LanmanServer - ok
17:03:11.0479 4576  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:03:11.0479 4576  LanmanWorkstation - ok
17:03:11.0526 4576  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
17:03:11.0526 4576  LightScribeService - ok
17:03:11.0573 4576  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:03:11.0573 4576  lltdio - ok
17:03:11.0604 4576  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:03:11.0604 4576  lltdsvc - ok
17:03:11.0620 4576  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:03:11.0635 4576  lmhosts - ok
17:03:11.0651 4576  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:03:11.0667 4576  LSI_FC - ok
17:03:11.0682 4576  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:03:11.0682 4576  LSI_SAS - ok
17:03:11.0713 4576  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:03:11.0713 4576  LSI_SCSI - ok
17:03:11.0729 4576  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
17:03:11.0729 4576  luafv - ok
17:03:11.0776 4576  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:03:11.0776 4576  MBAMProtector - ok
17:03:11.0838 4576  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:03:11.0838 4576  MBAMScheduler - ok
17:03:11.0901 4576  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:03:11.0916 4576  MBAMService - ok
17:03:11.0947 4576  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:03:11.0947 4576  Mcx2Svc - ok
17:03:12.0010 4576  [ 52C3E33C1CA373C41FD2805021578C4E ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
17:03:12.0010 4576  MDM - ok
17:03:12.0041 4576  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:03:12.0041 4576  megasas - ok
17:03:12.0072 4576  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
17:03:12.0088 4576  MegaSR - ok
17:03:12.0119 4576  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
17:03:12.0119 4576  MMCSS - ok
17:03:12.0166 4576  MobilityService - ok
17:03:12.0181 4576  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
17:03:12.0181 4576  Modem - ok
17:03:12.0213 4576  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:03:12.0213 4576  monitor - ok
17:03:38.0031 4576  \Device\Harddisk1\DR1 - ok
17:03:38.0031 4576  ================ Scan VBR ==================================
17:03:38.0046 4576  [ 6A38443983083E85389D569BA4CBB9A8 ] \Device\Harddisk0\DR0\Partition1
17:03:38.0046 4576  \Device\Harddisk0\DR0\Partition1 - ok
17:03:38.0077 4576  [ F3F04B6E8CEEF243500AF8FB592BF9F2 ] \Device\Harddisk0\DR0\Partition2
17:03:38.0077 4576  \Device\Harddisk0\DR0\Partition2 - ok
17:03:38.0077 4576  [ 9574B8FFDCA7BB99F6A01A55AE0F2B03 ] \Device\Harddisk1\DR1\Partition1
17:03:38.0077 4576  \Device\Harddisk1\DR1\Partition1 - ok
17:03:38.0093 4576  ============================================================
17:03:38.0093 4576  Scan finished
17:03:38.0093 4576  ============================================================
17:03:38.0187 3868  Detected object count: 0
17:03:38.0187 3868  Actual detected object count: 0
17:03:46.0673 0792  Deinitialize success
 
  • AdwCleaner log
# AdwCleaner v3.000 - Report created 13/08/2013 at 17:18:12
# Updated 13/08/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Nick - NICK-PC
# Running from : C:\Users\Nick\Desktop\Computer Tools\adwcleaner.exe
 
***** [ Services ] *****
 
[#] Service Deleted : BrowserProtect
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
[!] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\GameTap Web Player
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic
Folder Deleted : C:\Program Files\BabylonToolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\GamesBar
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\registry mechanic
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\yourfiledownloader
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Windows\system32\BrowserProtect
Folder Deleted : C:\Users\Nick\AppData\Local\Conduit
Folder Deleted : C:\Users\Nick\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Nick\AppData\Local\Ilivid
Folder Deleted : C:\Users\Nick\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Nick\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Nick\AppData\LocalLow\Retrogamer_4w
Folder Deleted : C:\Users\Nick\AppData\Roaming\Conduit
Folder Deleted : C:\Users\Nick\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Nick\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\Nick\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\Nick\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Deleted : C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Downloader
Folder Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\Smartbar
Folder Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\CT3297955
File Deleted : C:\END
File Deleted : C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\Nick\Desktop\iLivid.lnk
File Deleted : C:\Windows\System32\Tasks\BrowserProtect
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ABC69219-AA02-485E-86A9-FF4A71C2F3F3}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ABC69219-AA02-485E-86A9-FF4A71C2F3F3}
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\GamesBarSetup
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16496
 
[OK] No bad entry found.
 
-\\ Mozilla Firefox v23.0 (en-US)
 
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\GameTapPlayer@gametap.com
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [lesstabs@lesstabs.com]
Folder Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\Extensions\{589d7cff-0173-47a9-966a-9afae3e5c249}
File Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\Extensions\addon@defaulttab.com.xpi
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\searchplugins\babylon1.xml
File Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\searchplugins\my-web-search.xml
File Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\searchplugins\safesearch.xml
File Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\searchplugins\search.xml
File Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\bProtector_extensions.rdf
File Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\bprotector_prefs.js
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\user.js
 
[ File : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\hpla0umi.default\prefs.js ]
 
 
-\\ Google Chrome v
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
 
[ File : C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
[OK] No bad entry found.
 
*************************
 
AdwCleaner[0].txt - [26757 octets] - [13/08/2013 17:18:12]
 
########## EOF - C:\AdwCleaner\AdwCleaner[0].txt - [26817 octets] ##########
 

ESET is coming


Edited by Alfran, 13 August 2013 - 10:14 PM.


#6 boopme


Posted 13 August 2013 - 10:33 PM

Looks a lot better already, I have to go, will look back asap.
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#7 Alfran


Posted 13 August 2013 - 11:36 PM

Thanks; no rush, whenever you've got the time is fine with me.  I'm going to let this finish overnight...it's probably got another hour left to run, but I don't.  I'll get the log up in the morning.  It's already showing some babylon toolbar and conduit records though (27 entries so far), which I guess is good.


Edited by Alfran, 13 August 2013 - 11:37 PM.


#8 Alfran


Posted 14 August 2013 - 09:13 AM

Well, they interrupted the scan again.  Starting over.



#9 Adam Pollard


Posted 14 August 2013 - 10:00 AM

If the system is freezing at the BIOS screen or before Windows starts to load, it is quite likely to be a hardware problem. Although viruses can cause BIOS corruption, or modify the Master Boot Record to load malware from hidden partitions etc, it sounds like the problem is occurring even before the MBR is loaded. Does the system have a hardware diagnostics utility in the startup options?



#10 Alfran


Posted 14 August 2013 - 10:23 AM

Hello Adam,

Software I have a rudimentary fluency in; I'm very little help when it comes to hardware.  That's the issue they're fixing on my computer (this particular thread is for a relative's machine) in another area of the site.  I'm in the process of making a system image off my failing hard drive.  From what I've gone through with that experience so far, I could possibly agree with you there, but again, I have a very basic understanding of hardware (I plugged in some extra RAM on a desktop once in '98, and that's about as far as I got.  I follow directions well and I can research and apply, but I don't have a working knowledge myself).  Once I'm done getting this scan complete I'll run a hardware diagnostic.  This malware has to go, though.


Edited by Alfran, 14 August 2013 - 11:06 AM.


#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts

Posted 14 August 2013 - 12:06 PM

No luck with ESET?

#12 Alfran

Alfran
  • Topic Starter

  • Members
  • 37 posts

Posted 14 August 2013 - 01:13 PM

It's just about done now, but I've got some errands to run.  I'll be back later and post the log.  So far it's got 45 errors, and hopefully no one shuts it off this time.



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts

Posted 14 August 2013 - 01:54 PM

:thumbup2:



#14 Alfran

Alfran
  • Topic Starter

  • Members
  • 37 posts

Posted 14 August 2013 - 03:56 PM

C:\Users\All Users\APN\APN-Stub\W3IV6-G\APNIC.dll Win32/Bundled.Toolbar.Ask.B application
C:\Users\All Users\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll a variant of Win32/bProtector.B application
C:\Users\All Users\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll a variant of Win32/bProtector.B application
C:\Users\All Users\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll a variant of Win32/bProtector.B application
C:\Users\All Users\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js Win32/bProtector.C application
C:\AdwCleaner\Quarantine\C\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll.vir a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll.vir Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe.vir probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll.vir Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll.vir Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarApp.dll.vir a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarsrv.exe.vir probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SearchProtect\ffprotect\application.js.vir Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\APN\APN-Stub\W3IV6-G\APNIC.7z.vir Win32/Bundled.Toolbar.Ask.B application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\APN\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nick\AppData\Roaming\SearchProtect\ffprotect\application.js.vir Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files\Mozilla Firefox\browser\components\sprotector.js Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
C:\Program Files\Mozilla Firefox\components\sprotector.js Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
C:\Program Files\SearchProtect\ffprotect\application.js Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
C:\ProgramData\APN\APN-Stub\W3IV6-G\APNIC.dll Win32/Bundled.Toolbar.Ask.B application cleaned by deleting - quarantined
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll a variant of Win32/bProtector.A application cleaned by deleting (after the next restart) - quarantined
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll a variant of Win32/bProtector.B application cleaned by deleting (after the next restart) - quarantined
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll a variant of Win32/bProtector.B application cleaned by deleting (after the next restart) - quarantined
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll a variant of Win32/bProtector.B application cleaned by deleting (after the next restart) - quarantined
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js Win32/bProtector.C application cleaned by deleting (after the next restart) - quarantined
C:\Users\All Users\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll a variant of Win32/bProtector.A application cleaned by deleting (after the next restart) - quarantined
C:\Users\Nick\AppData\LocalLow\Retrogamer_4wEI\Installr\Cache\009BC9E6.exe a variant of Win32/Toolbar.MyWebSearch.O application cleaned by deleting - quarantined
C:\Users\Nick\AppData\Roaming\SearchProtect\ffprotect\application.js Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
C:\Users\Nick\Documents\ezguitartabs.exe a variant of Win32/InstallIQ.A application cleaned by deleting - quarantined
C:\Users\Nick\Documents\mplayer_d4235070.exe a variant of Win32/InstallIQ.A application cleaned by deleting - quarantined
C:\Users\Nick\Downloads\movie_player_1280(1).exe a variant of Win32/InstallIQ.A application cleaned by deleting - quarantined
C:\Users\Nick\Downloads\movie_player_1280.exe a variant of Win32/InstallIQ.A application cleaned by deleting - quarantined
C:\Users\Nick\Downloads\The_Daniel_Project_-_Bible_Prophecy,_Big_Brother,_Terrorism,_The_secure.exe Win32/TopMedia.B application cleaned by deleting - quarantined
C:\Users\Nick\Downloads\The_Daniel_Project_[2011]_[Verifire]_secure (1).exe Win32/TopMedia.B application cleaned by deleting - quarantined
C:\Users\Nick\Downloads\The_Daniel_Project_[2011]_[Verifire]_secure (2).exe Win32/TopMedia.B application cleaned by deleting - quarantined
C:\Users\Nick\Downloads\The_Daniel_Project_[2011]_[Verifire]_secure (3).exe Win32/TopMedia.B application cleaned by deleting - quarantined
C:\Users\Nick\Downloads\The_Daniel_Project_[2011]_[Verifire]_secure.exe Win32/TopMedia.B application cleaned by deleting - quarantined
C:\Users\Nick\Pictures\PCPerformer_GN.exe a variant of Win32/InstallBrain application cleaned by deleting - quarantined
Operating memory a variant of Win32/bProtector.A application contained infected files
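
A triage sketch for the scan log in the post above, added here as an example and not part of the original thread: it parses the detection lines and lists the entries the scan did not finish removing (no action recorded, removal deferred to the next restart, or found in memory). The line layout is inferred from the log as posted, the function names are hypothetical, and treating a trailing letter such as `.A` as a variant suffix is an assumption.

```python
import re
from collections import Counter

# A small subset of detection lines copied from the log posted above.
SAMPLE_LOG = r"""
C:\Users\All Users\APN\APN-Stub\W3IV6-G\APNIC.dll Win32/Bundled.Toolbar.Ask.B application
C:\AdwCleaner\Quarantine\C\Program Files\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarsrv.exe.vir probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll a variant of Win32/bProtector.A application cleaned by deleting (after the next restart) - quarantined
C:\Users\Nick\Downloads\The_Daniel_Project_[2011]_[Verifire]_secure (1).exe Win32/TopMedia.B application cleaned by deleting - quarantined
Operating memory a variant of Win32/bProtector.A application contained infected files
"""

# Layout inferred from the log: <path> [qualifier] <name> application [action]
LINE_RE = re.compile(
    r"^(?P<path>.+?) (?:probably )?(?:a variant of )?"
    r"(?P<name>Win32/\S+) application(?: (?P<action>.+))?$"
)

def parse(log):
    """Yield one dict per detection line: path, family, status."""
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        action = m.group("action") or ""
        if "after the next restart" in action:
            status = "pending-restart"   # removal only completes after a reboot
        elif "cleaned" in action or "deleted" in action:
            status = "removed"
        elif "contained infected files" in action:
            status = "in-memory"         # detected in a running process
        else:
            status = "no-action"         # detected, nothing recorded as done
        # Assumption: a trailing ".A"/".B" is only a variant letter.
        family = re.sub(r"\.[A-Z]{1,2}$", "", m.group("name").split("/", 1)[1])
        path = m.group("path")
        yield {"path": path, "family": family, "status": status,
               "quarantine_copy": "\\AdwCleaner\\Quarantine\\" in path}

def follow_up(log):
    """Entries the scan did not finish removing, excluding quarantine copies."""
    return [e for e in parse(log)
            if e["status"] != "removed" and not e["quarantine_copy"]]

def summary(log):
    """Count detections per (family, status)."""
    return Counter((e["family"], e["status"]) for e in parse(log))

if __name__ == "__main__":
    for e in follow_up(SAMPLE_LOG):
        print(f'{e["status"]:16} {e["family"]:22} {e["path"]}')
```

Entries reported as `pending-restart` or `in-memory` are the ones to re-check with a fresh scan after the machine has rebooted.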


#15 Alfran

Alfran
  • Topic Starter

  • Members
  • 37 posts

Posted 14 August 2013 - 04:36 PM

Couldn't find Acer hardware diagnostic like Dell had, I'm going to run disk health in Parted Magic like I did for the previous repair just as an analysis, but that will only analyze the drive status.  Computer froze on restart in windows, had to power off/on.  In the programs list, babylon toolbar, privitizevpn, and browserprotect are still listed.  Conduit, searchprotect, and babylon folders are still there.





