
CPU pegged at 100% & Trojan Messages


5 replies to this topic

#1 james.potteiger


Posted 13 August 2013 - 08:37 PM

Hello,

I began receiving messages from AVG that I was infected with the 3 following Trojans. Each time I selected for AVG to quarantine them but the messages return. Shortly afterward, the CPU pegged at 100% and the computer is very slow.

Generic31.esz
Crypt_s.ccd
Generic34.cdw

Thanks in advance for any assistance.

Jim P.


 


#2 james.potteiger


Posted 13 August 2013 - 08:44 PM

I did obtain a MBAM log which is below. This did not help the problem.

*** I notice that the paste comes out backwards. Is this part of the virus?


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.13.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jim :: VISTABOX [administrator]

8/13/2013 7:25:37 PM
mbam-log-2013-08-13 (19-25-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 351755
Time elapsed: 12 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SYSTEM\CurrentControlSet\Services\‮etadpug (Trojan.Medfos) -> Delete on reboot.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATE.EXE (Trojan.Medfos) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 10
C:\Users\Jim\AppData\Local\Temp\OpenCandy\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> No action taken.
c:\program files\google\desktop\install\{1ecbde10-0498-0213-c1b9-3c766cbb201f}\ \...\‮ﯹ๛\{1ecbde10-0498-0213-c1b9-3c766cbb201f}\googleupdate.exe (Trojan.Medfos) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-3843628810-1494182717-1151088467-1000\$RN476LH.zip (Trojan.Spy.SZGen) -> Quarantined and deleted successfully.
C:\Users\Jim\AppData\Local\Temp\Low\0.5262796288550112 (Trojan.Happili) -> Quarantined and deleted successfully.
C:\Users\Jim\AppData\Local\Temp\Low\0.8196688901115796 (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Users\Jim\AppData\Local\Temp\Low\0.9232587419201529 (Trojan.Dropper.ED) -> Quarantined and deleted successfully.
C:\Users\Jim\AppData\Local\Temp\Low\8CF8.tmp (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
C:\Users\Jim\AppData\Local\Temp\Low\msimg32.dll (Trojan.Medfos) -> Quarantined and deleted successfully.
C:\Windows\Temp\ats18A7.tmp (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\Users\Jim\Downloads\iLividSetup-r362-n.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.

(end)
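
Added example, not part of the original post: the service key name in the first Trojan.Medfos entry of the log above carries a Unicode right-to-left override (U+202E) before `etadpug`, so viewers draw the text that follows it reversed. The sketch below flags such entries in MBAM-style detection lines; the function names are hypothetical, the sample lines are copied from the log with the hidden character written as an explicit escape, and the display step is a simplification of the Unicode bidirectional algorithm.

```python
import re

# Unicode bidirectional formatting characters that change display order.
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF",
    "\u202d": "LRO", "\u202e": "RLO",
    "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI", "\u2069": "PDI",
    "\u200e": "LRM", "\u200f": "RLM",
}

# MBAM 1.x detection line: "<object> (<detection name>) -> <action>."
DETECTION_RE = re.compile(
    r"^(?P<obj>.+) \((?P<name>[^()]+)\) -> (?P<action>.+?)\.?$"
)

# Lines taken from the log above; U+202E is written as an escape so it is visible.
SAMPLE_LOG = [
    "Registry Keys Detected: 2",
    "HKLM\\SYSTEM\\CurrentControlSet\\Services\\\u202eetadpug"
    " (Trojan.Medfos) -> Delete on reboot.",
    "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution"
    " Options\\GOOGLEUPDATE.EXE (Trojan.Medfos) -> Quarantined and deleted successfully.",
    "C:\\Windows\\Temp\\ats18A7.tmp (Trojan.Hiloti)"
    " -> Quarantined and deleted successfully.",
]


def escape_controls(text):
    """Replace each bidi control with a visible marker such as <U+202E RLO>."""
    return "".join(
        f"<U+{ord(ch):04X} {BIDI_CONTROLS[ch]}>" if ch in BIDI_CONTROLS else ch
        for ch in text
    )


def approximate_display(text):
    """Approximate on-screen order: text after RLO is reversed until PDF or end.

    Only RLO and PDF are modelled; other bidi controls are dropped.
    """
    out, buf, overriding = [], [], False
    for ch in text:
        if ch == "\u202e":
            overriding = True
        elif ch == "\u202c" and overriding:
            out.append("".join(reversed(buf)))
            buf, overriding = [], False
        elif ch in BIDI_CONTROLS:
            continue
        elif overriding:
            buf.append(ch)
        else:
            out.append(ch)
    out.append("".join(reversed(buf)))
    return "".join(out)


def scan_log(lines):
    """Return one finding per detection line whose object name hides bidi controls."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        match = DETECTION_RE.match(line.strip())
        if not match:
            continue  # headers, counters, "(No malicious items detected)"
        obj = match.group("obj")
        controls = [BIDI_CONTROLS[ch] for ch in obj if ch in BIDI_CONTROLS]
        if not controls:
            continue
        leaf = obj.rsplit("\\", 1)[-1]  # last key or file name component
        findings.append({
            "line": lineno,
            "detection": match.group("name"),
            "action": match.group("action"),
            "controls": controls,
            "escaped": escape_controls(obj),
            "leaf_stored": escape_controls(leaf),
            "leaf_displayed": approximate_display(leaf),
        })
    return findings


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(f"line {finding['line']}: {finding['detection']} "
              f"[{', '.join(finding['controls'])}]")
        print(f"  stored as : {finding['leaf_stored']}")
        print(f"  shown as  : {finding['leaf_displayed']}")
```
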

#3 boopme


Posted 13 August 2013 - 10:18 PM

Welcome james, let's look a bit further.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#4 james.potteiger


Posted 14 August 2013 - 04:13 PM

Thanks for your help. The requested information is below.

Jim P.


MiniToolBox by Farbar Version: 13-07-2013
Ran by Jim (administrator) on 14-08-2013 at 08:20:43
Running from "C:\Users\Jim\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)
NVIDIA nForce Networking Controller = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 11" forwarding=disabled advertise=disabled metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : VistaBox
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : JimNet

Ethernet adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Check Point Virtual Network Adapter For SecureClient
Physical Address. . . . . . . . . : 54-55-43-44-52-0C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : JimNet
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller #2
Physical Address. . . . . . . . . : 00-18-F3-73-DD-DE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : JimNet
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-18-F3-73-CF-57
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a880:507e:252e:df91%7(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.111(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 14, 2013 8:12:58 AM
Lease Expires . . . . . . . . . . : Thursday, August 15, 2013 8:12:58 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 184555763
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0D-69-D4-A3-00-18-F3-73-CF-57
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4004:802::1000
74.125.228.100
74.125.228.102
74.125.228.103
74.125.228.99
74.125.228.96
74.125.228.97
74.125.228.105
74.125.228.98
74.125.228.110
74.125.228.101
74.125.228.104



Pinging google.com [74.125.228.7] with 32 bytes of data:

Reply from 74.125.228.7: bytes=32 time=17ms TTL=54

Reply from 74.125.228.7: bytes=32 time=18ms TTL=54



Ping statistics for 74.125.228.7:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 17ms, Maximum = 18ms, Average = 17ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=89ms TTL=49

Reply from 206.190.36.45: bytes=32 time=111ms TTL=49



Ping statistics for 206.190.36.45:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 89ms, Maximum = 111ms, Average = 100ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...54 55 43 44 52 0c ...... Check Point Virtual Network Adapter For SecureClient
8 ...00 18 f3 73 dd de ...... NVIDIA nForce Networking Controller #2
7 ...00 18 f3 73 cf 57 ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.111 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.111 276
192.168.1.111 255.255.255.255 On-link 192.168.1.111 276
192.168.1.255 255.255.255.255 On-link 192.168.1.111 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.111 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.111 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
7 276 fe80::/64 On-link
7 276 fe80::a880:507e:252e:df91/128
On-link
1 306 ff00::/8 On-link
7 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 02 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 03 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 04 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 05 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 06 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 07 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 08 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 09 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 10 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 11 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 12 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 13 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 14 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 15 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 16 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 17 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 18 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 19 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 20 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 21 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 22 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 23 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 24 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 25 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 26 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 27 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 28 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 29 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 30 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 31 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 32 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 33 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 34 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 35 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 36 mswsock.dll [File not found] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/14/2013 08:18:34 AM) (Source: Application Error) (User: )
Description: Faulting application wmpnetwk.exe, version 11.0.6001.7000, time stamp 0x47919370, faulting module Indiv01.key, version 11.0.6000.6324, time stamp 0x47e48d51, exception code 0xc0000005, fault offset 0x00113d38,
process id 0x5dc, application start time 0xwmpnetwk.exe0.

Error: (08/14/2013 08:18:00 AM) (Source: Application Error) (User: )
Description: Faulting application wmpnetwk.exe, version 11.0.6001.7000, time stamp 0x47919370, faulting module Indiv01.key, version 11.0.6000.6324, time stamp 0x47e48d51, exception code 0xc0000005, fault offset 0x001244cd,
process id 0x11ec, application start time 0xwmpnetwk.exe0.

Error: (08/14/2013 08:17:15 AM) (Source: Application Error) (User: )
Description: Faulting application wmpnetwk.exe, version 11.0.6001.7000, time stamp 0x47919370, faulting module Indiv01.key, version 11.0.6000.6324, time stamp 0x47e48d51, exception code 0xc0000005, fault offset 0x00123b94,
process id 0x163c, application start time 0xwmpnetwk.exe0.

Error: (08/13/2013 08:00:49 PM) (Source: Application Error) (User: )
Description: Faulting application wmpnetwk.exe, version 11.0.6001.7000, time stamp 0x47919370, faulting module Indiv01.key, version 11.0.6000.6324, time stamp 0x47e48d51, exception code 0xc0000005, fault offset 0x0011dca8,
process id 0x1748, application start time 0xwmpnetwk.exe0.

Error: (08/13/2013 07:59:13 PM) (Source: Application Error) (User: )
Description: Faulting application wmpnetwk.exe, version 11.0.6001.7000, time stamp 0x47919370, faulting module Indiv01.key, version 11.0.6000.6324, time stamp 0x47e48d51, exception code 0xc0000005, fault offset 0x00111f56,
process id 0xf14, application start time 0xwmpnetwk.exe0.

Error: (08/13/2013 07:56:55 PM) (Source: Application Error) (User: )
Description: Faulting application wmpnetwk.exe, version 11.0.6001.7000, time stamp 0x47919370, faulting module Indiv01.key, version 11.0.6000.6324, time stamp 0x47e48d51, exception code 0xc0000005, fault offset 0x00119952,
process id 0xed8, application start time 0xwmpnetwk.exe0.

Error: (08/13/2013 07:21:52 PM) (Source: Application Error) (User: )
Description: Faulting application nslookup.exe, version 6.0.6002.18005, time stamp 0x49e01d63, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000138, fault offset 0x00009f5d,
process id 0xae4, application start time 0xnslookup.exe0.

Error: (08/13/2013 07:21:43 PM) (Source: Application Error) (User: )
Description: Faulting application nslookup.exe, version 6.0.6002.18005, time stamp 0x49e01d63, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000138, fault offset 0x00009f5d,
process id 0x10dc, application start time 0xnslookup.exe0.

Error: (08/13/2013 06:52:07 PM) (Source: Application Error) (User: )
Description: Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc00000fd, fault offset 0x0004a15f,
process id 0xbd8, application start time 0xExplorer.EXE0.

Error: (08/13/2013 06:42:23 PM) (Source: Application Error) (User: )
Description: Faulting application SR_Service.exe, version 63.0.0.12, time stamp 0x459cd0ba, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000138, fault offset 0x00009f5d,
process id 0x1574, application start time 0xSR_Service.exe0.


System errors:
=============
Error: (08/14/2013 08:18:38 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing Service3

Error: (08/14/2013 08:18:03 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing Service2300001Restart the service

Error: (08/14/2013 08:17:29 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing Service1300001Restart the service

Error: (08/14/2013 08:16:45 AM) (Source: Service Control Manager) (User: )
Description: Intuit Update Service v4%%1053

Error: (08/14/2013 08:16:43 AM) (Source: Service Control Manager) (User: )
Description: 30000Intuit Update Service v4

Error: (08/14/2013 08:15:14 AM) (Source: Service Control Manager) (User: )
Description: BrYNSvc%%1053

Error: (08/14/2013 08:15:14 AM) (Source: Service Control Manager) (User: )
Description: 30000BrYNSvc

Error: (08/14/2013 08:15:14 AM) (Source: DCOM) (User: )
Description: 1053BrYNSvc{F2189AE3-E432-427F-93B6-38D1C6F5E8D4}

Error: (08/14/2013 08:14:25 AM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExWFailureActions%%5

Error: (08/14/2013 08:14:25 AM) (Source: Service Control Manager) (User: )
Description: Windows Firewall5 (0x5)


Microsoft Office Sessions:
=========================
Error: (07/19/2013 09:41:16 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1714 seconds with 60 seconds of active time. This session ended with a crash.

Error: (07/12/2013 06:35:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10683 seconds with 4620 seconds of active time. This session ended with a crash.

Error: (07/11/2013 07:39:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3419 seconds with 3240 seconds of active time. This session ended with a crash.

Error: (04/22/2013 06:57:47 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 932 seconds with 900 seconds of active time. This session ended with a crash.

Error: (03/23/2013 07:00:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2299 seconds with 2340 seconds of active time. This session ended with a crash.

Error: (03/31/2009 10:28:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 124 seconds with 120 seconds of active time. This session ended with a crash.

Error: (01/21/2009 07:41:31 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 105 seconds with 60 seconds of active time. This session ended with a crash.

Error: (10/22/2008 08:18:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 816 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/07/2008 08:12:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 718 seconds with 300 seconds of active time. This session ended with a crash.

Error: (09/01/2008 06:01:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 794 seconds with 240 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-08-13 20:10:16.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-13 20:10:16.747
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-13 20:10:16.528
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-13 20:10:16.294
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-13 20:10:03.317
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-13 20:10:03.098
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-13 20:10:02.880
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-13 20:10:02.661
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-13 20:10:02.427
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-13 20:10:02.208
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 2.1.5)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Age of Empires III (Version: 1.00.0000)
AIO_Scan (Version: 90.0.222.000)
AnswerWorks 4.0 Runtime - English (Version: 4.0.101)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
Any Video Converter Professional 2.7.2
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Applian FLV Player (Version: 2.0.24)
ArcGIS Desktop Evaluation Edition (Version: 9.3.1770)
ATI AVIVO Codecs (Version: 10.12.0.41124)
ATI Catalyst Install Manager (Version: 3.0.754.0)
AudibleManager (Version: -2.2005997635.2005997276.4528520)
AutoUpdate (Version: 1.1)
AVG 2013 (Version: 13.0.2904)
AVG 2013 (Version: 13.0.3211)
AVG 2013 (Version: 2013.0.2904)
AviSynth 2.5
Battlefield 2142
Bejeweled 3
BLACKBOX-PROG Programming Software
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-J875DW (Version: 1.0.3.0)
BufferChm (Version: 90.0.146.000)
C6200 (Version: 90.0.222.000)
C6200_doccd (Version: 90.0.222.000)
C6200_Help (Version: 90.0.222.000)
Call of Duty® 4 - Modern Warfare™ (Version: 1.00.0000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.1124.2131.38610)
Catalyst Control Center Graphics Full Existing (Version: 2009.1124.2131.38610)
Catalyst Control Center Graphics Full New (Version: 2009.1124.2131.38610)
Catalyst Control Center Graphics Light (Version: 2009.1124.2131.38610)
Catalyst Control Center Graphics Previews Common (Version: 2009.1124.2131.38610)
Catalyst Control Center Graphics Previews Vista (Version: 2009.1124.2131.38610)
Catalyst Control Center HydraVision Full (Version: 2009.1124.2131.38610)
Catalyst Control Center InstallProxy (Version: 2009.1124.2131.38610)
Catalyst Control Center Localization All (Version: 2009.1124.2131.38610)
CCC Help Chinese Standard (Version: 2009.1124.2130.38610)
CCC Help Chinese Traditional (Version: 2009.1124.2130.38610)
CCC Help Czech (Version: 2009.1124.2130.38610)
CCC Help Danish (Version: 2009.1124.2130.38610)
CCC Help Dutch (Version: 2009.1124.2130.38610)
CCC Help English (Version: 2009.1124.2130.38610)
CCC Help Finnish (Version: 2009.1124.2130.38610)
CCC Help French (Version: 2009.1124.2130.38610)
CCC Help German (Version: 2009.1124.2130.38610)
CCC Help Greek (Version: 2009.1124.2130.38610)
CCC Help Hungarian (Version: 2009.1124.2130.38610)
CCC Help Italian (Version: 2009.1124.2130.38610)
CCC Help Japanese (Version: 2009.1124.2130.38610)
CCC Help Korean (Version: 2009.1124.2130.38610)
CCC Help Norwegian (Version: 2009.1124.2130.38610)
CCC Help Polish (Version: 2009.1124.2130.38610)
CCC Help Portuguese (Version: 2009.1124.2130.38610)
CCC Help Russian (Version: 2009.1124.2130.38610)
CCC Help Spanish (Version: 2009.1124.2130.38610)
CCC Help Swedish (Version: 2009.1124.2130.38610)
CCC Help Thai (Version: 2009.1124.2130.38610)
CCC Help Turkish (Version: 2009.1124.2130.38610)
ccc-core-static (Version: 2009.1124.2131.38610)
ccc-utility (Version: 2009.1124.2131.38610)
Check Point VPN-1 SecuRemote/SecureClient NGX HFA2 EA (Version: 1.00.0000)
Copy (Version: 90.0.146.000)
Corel Paint Shop Pro Photo XI (Version: 11.00.0000)
Creative Audio Console
CyberLink PowerDVD 8 (Version: 8.0.2606a)
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 90.0.205.000)
DivX Codec (Version: 6.6.1)
DivX Converter (Version: 6.2.1)
DivX Player (Version: 6.4.3)
DivX Web Player (Version: 1.3.1)
DocProc (Version: 9.0.0.0)
DocProcQFolder (Version: 1.00.0000)
DVD to iPod Converter 4 (Version: 4.0.53.0804)
EA SPORTS online 2007
eSupportQFolder (Version: 1.00.0000)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Fax (Version: 90.0.146.000)
Garmin Communicator Plugin (Version: 2.6.2)
Garmin TOPO U.S. 2008 (Version: 4.0.0.0)
Google Chrome (Version: 28.0.1500.95)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP OCR Software 9.0 (Version: 9.0)
HP Officejet 6600 Basic Device Software (Version: 25.0.619.0)
HP Officejet 6600 Help (Version: 140.0.2.2)
HP Photosmart All-In-One Driver Software 10.0 Rel .2 (Version: 10.0)
HP Photosmart All-In-One Driver Software 9.0.A Corporate Edition (Version: 9.0)
HP Photosmart All-In-One Software 9.0 (Version: 9.0)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 9.0 (Version: 9.0)
HP Update (Version: 5.003.000.004)
HPProductAssistant (Version: 90.0.146.000)
HPSSupply (Version: 2.2.0.0000)
HydraVision (Version: 4.2.128.0)
I.R.I.S. OCR (Version: 12.3.4.0)
iCloud (Version: 2.0.2.187)
ImTOO Ringtone Maker (Version: 2.0.1.0401)
Indeo® Software
iPad/iPhone/iPod to Computer Transfer 7.7.0
iTunes (Version: 10.7.0.21)
Java™ 6 Update 7 (Version: 1.6.0.70)
Logitech Gaming Software (Version: 4.40)
Madden NFL 08
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MasterSplitter Program
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Corporation (Version: 9.0.0.0)
Microsoft Flight Simulator X (Version: 10.0.60905)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Streets & Trips 2007 (Version: 14.0.09.1100)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Move Networks Media Player for Internet Explorer
Mozilla Firefox (2.0.0.20) (Version: 2.0.0.20 (en-US))
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nero Suite
NetDeviceManager (Version: 100.0.170.000)
NOOK for PC (Version: 2.5.1.237)
Nuance PaperPort 12 (Version: 12.1.0006)
Nuance PDF Viewer Plus (Version: 5.30.3290)
NutritionCalc Plus (Version: 2.00.0000)
NVIDIA Drivers
OpenAL
PanoStandAlone (Version: 90.0.146.000)
PaperPort Image Printer (Version: 14.00.0000)
ps_aio_02_corporate (Version: 90.0.235.000)
PS_AIO_02_ProductContext (Version: 90.0.222.000)
PS_AIO_02_Software (Version: 90.0.222.000)
PS_AIO_02_Software_Min (Version: 100.0.206.000)
PS_AIO_02_Software_min (Version: 90.0.222.000)
PSSWCORE (Version: 2.01.0000)
Python 2.5 numpy-1.0.3
Python 2.5.1
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.70.80.34)
RealPlayer
Scan (Version: 10.1.0.0)
Scansoft PDF Professional
Skype™ 6.3 (Version: 6.3.107)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 90.0.146.000)
Status (Version: 90.0.146.000)
TeamSpeak 2 RC2 (Version: 2.0.32.60)
TeamSpeak Overlay BETA 2 (#63)
Toolbox (Version: 100.0.170.000)
TrayApp (Version: 90.0.146.000)
TTWin3
TurboTax 2008
TurboTax 2008 WinPerFedFormset (Version: 008.000.0330)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0216)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0186)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.0988)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0422)
TurboTax 2008 wmdiper (Version: 008.000.0120)
TurboTax 2008 wrapper (Version: 008.000.0063)
TurboTax 2009
TurboTax 2009 WinPerFedFormset (Version: 009.000.1925)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0316)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0234)
TurboTax 2009 wmdiper (Version: 009.000.0624)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.3796)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0443)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0211)
TurboTax 2010 wmdiper (Version: 010.000.1181)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2675)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0436)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0210)
TurboTax 2011 wmdiper (Version: 011.000.1374)
TurboTax 2011 wrapper (Version: 011.000.0120)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 WinPerFedFormset (Version: 012.000.1881)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0419)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0178)
TurboTax 2012 wmdiper (Version: 012.000.1236)
TurboTax 2012 wrapper (Version: 012.000.0127)
TurboTax Deluxe 2007
UnloadSupport (Version: 9.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Videora iPod touch Converter 4.07 (Version: 4.07)
VideoToolkit01 (Version: 90.0.146.000)
Vista Codec Package (Version: 4.7.0)
Visual Basic for Applications ® Core - English (Version: 6.5.10.32)
Visual Basic for Applications ® Core (Version: 6.5.10.32)
Walmart MP3 Music Downloads (Version: 1.0.3.3)
WebEx
WebReg (Version: 90.0.146.000)
WinRAR archiver
YouTube Downloader App 1.02 (Version: 1.02)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3581.56 MB
Available physical RAM: 2108.44 MB
Total Pagefile: 7349.11 MB
Available Pagefile: 5757.76 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.14 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:232.88 GB) (Free:28.38 GB) NTFS
3 Drive d: () (Fixed) (Total:232.88 GB) (Free:40.32 GB) NTFS
4 Drive e: (Pat Rogers - Basic Carbine) (CDROM) (Total:7.83 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\VISTABOX

Administrator Deb Guest
Heather Jim Mcx1
Robyn


**** End of log ****

TDSS Killer LOG

08:22:11.0248 1688 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
08:22:11.0576 1688 ============================================================
08:22:11.0576 1688 Current date / time: 2013/08/14 08:22:11.0576
08:22:11.0576 1688 SystemInfo:
08:22:11.0576 1688
08:22:11.0576 1688 OS Version: 6.0.6002 ServicePack: 2.0
08:22:11.0576 1688 Product type: Workstation
08:22:11.0576 1688 ComputerName: VISTABOX
08:22:11.0576 1688 UserName: Jim
08:22:11.0576 1688 Windows directory: C:\Windows
08:22:11.0576 1688 System windows directory: C:\Windows
08:22:11.0576 1688 Processor architecture: Intel x86
08:22:11.0576 1688 Number of processors: 2
08:22:11.0576 1688 Page size: 0x1000
08:22:11.0576 1688 Boot type: Normal boot
08:22:11.0576 1688 ============================================================
08:22:13.0185 1688 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
08:22:13.0185 1688 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:22:13.0201 1688 ============================================================
08:22:13.0201 1688 \Device\Harddisk0\DR0:
08:22:13.0201 1688 MBR partitions:
08:22:13.0201 1688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
08:22:13.0201 1688 \Device\Harddisk1\DR1:
08:22:13.0201 1688 MBR partitions:
08:22:13.0201 1688 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
08:22:13.0201 1688 ============================================================
08:22:13.0373 1688 C: <-> \Device\Harddisk0\DR0\Partition1
08:22:13.0404 1688 D: <-> \Device\Harddisk1\DR1\Partition1
08:22:13.0404 1688 ============================================================
08:22:13.0404 1688 Initialize success
08:22:13.0404 1688 ============================================================
08:23:01.0970 3948 ============================================================
08:23:01.0970 3948 Scan started
08:23:01.0970 3948 Mode: Manual; TDLFS;
08:23:01.0970 3948 ============================================================
08:23:03.0141 3948 ================ Scan system memory ========================
08:23:03.0141 3948 System memory - ok
08:23:03.0141 3948 ================ Scan services =============================
08:23:18.0613 3948 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
08:23:18.0613 3948 KeyIso - ok
08:23:18.0801 3948 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:23:18.0816 3948 KSecDD - ok
08:23:18.0848 3948 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
08:23:18.0863 3948 KtmRm - ok
08:23:18.0957 3948 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
08:23:18.0957 3948 LanmanServer - ok
08:23:19.0035 3948 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:23:19.0035 3948 LanmanWorkstation - ok
08:23:19.0082 3948 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:23:19.0082 3948 lltdio - ok
08:23:19.0176 3948 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:23:19.0191 3948 lltdsvc - ok
08:23:19.0238 3948 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:23:19.0238 3948 lmhosts - ok
08:23:19.0316 3948 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:23:19.0348 3948 LSI_FC - ok
08:23:19.0379 3948 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:23:19.0379 3948 LSI_SAS - ok
08:23:19.0410 3948 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:23:19.0410 3948 LSI_SCSI - ok
08:23:19.0488 3948 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
08:23:19.0488 3948 luafv - ok
08:23:19.0551 3948 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:23:19.0551 3948 Mcx2Svc - ok
08:23:19.0582 3948 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
08:23:19.0582 3948 megasas - ok
08:23:19.0613 3948 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
08:23:19.0613 3948 MMCSS - ok
08:23:19.0629 3948 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
08:23:19.0644 3948 Modem - ok
08:23:19.0707 3948 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:23:19.0707 3948 monitor - ok
08:23:19.0738 3948 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:23:19.0754 3948 mouclass - ok
08:23:19.0801 3948 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:23:19.0801 3948 mouhid - ok
08:23:19.0832 3948 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
08:23:19.0832 3948 MountMgr - ok
08:23:19.0863 3948 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
08:23:19.0863 3948 mpio - ok
08:23:19.0894 3948 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:23:19.0894 3948 mpsdrv - ok
08:23:20.0144 3948 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
08:23:20.0176 3948 MpsSvc - ok
08:23:20.0223 3948 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
08:23:20.0223 3948 Mraid35x - ok
08:23:20.0269 3948 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:23:20.0269 3948 MRxDAV - ok
08:23:20.0348 3948 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:23:20.0348 3948 mrxsmb - ok
08:23:20.0363 3948 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:23:20.0379 3948 mrxsmb10 - ok
08:23:20.0379 3948 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:23:20.0379 3948 mrxsmb20 - ok
08:23:20.0394 3948 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
08:23:20.0394 3948 msahci - ok
08:23:20.0410 3948 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:23:20.0410 3948 msdsm - ok
08:23:20.0535 3948 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
08:23:20.0551 3948 MSDTC - ok
08:23:20.0598 3948 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:23:20.0598 3948 Msfs - ok
08:23:20.0644 3948 [ 01446556C149BBA152E2FF79E296889F ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys
08:23:20.0660 3948 MSHUSBVideo - ok
08:23:20.0676 3948 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:23:20.0676 3948 msisadrv - ok
08:23:20.0707 3948 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:23:20.0723 3948 MSiSCSI - ok
08:23:20.0738 3948 msiserver - ok
08:23:20.0769 3948 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:23:20.0769 3948 MSKSSRV - ok
08:23:20.0801 3948 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:23:20.0801 3948 MSPCLOCK - ok
08:23:20.0816 3948 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:23:20.0816 3948 MSPQM - ok
08:23:20.0863 3948 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:23:20.0863 3948 MsRPC - ok
08:23:20.0894 3948 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
08:23:20.0894 3948 mssmbios - ok
08:23:20.0910 3948 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:23:20.0910 3948 MSTEE - ok
08:23:20.0941 3948 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
08:23:20.0941 3948 MTsensor - ok
08:23:20.0988 3948 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
08:23:21.0004 3948 Mup - ok
08:23:21.0051 3948 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
08:23:21.0082 3948 napagent - ok
08:23:21.0129 3948 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:23:21.0129 3948 NativeWifiP - ok
08:23:21.0285 3948 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:23:21.0301 3948 NDIS - ok
08:23:21.0348 3948 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:23:21.0348 3948 NdisTapi - ok
08:23:21.0379 3948 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:23:21.0426 3948 Ndisuio - ok
08:23:21.0457 3948 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:23:21.0504 3948 NdisWan - ok
08:23:21.0551 3948 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:23:21.0566 3948 NDProxy - ok
08:23:21.0613 3948 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:23:21.0613 3948 Net Driver HPZ12 - ok
08:23:21.0644 3948 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:23:21.0644 3948 NetBIOS - ok
08:23:21.0660 3948 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
08:23:21.0660 3948 netbt - ok
08:23:21.0660 3948 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
08:23:21.0676 3948 Netlogon - ok
08:23:21.0707 3948 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
08:23:21.0707 3948 Netman - ok
08:23:21.0801 3948 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
08:23:21.0816 3948 netprofm - ok
08:23:21.0848 3948 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:23:21.0848 3948 NetTcpPortSharing - ok
08:23:21.0879 3948 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:23:21.0879 3948 nfrd960 - ok
08:23:21.0910 3948 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:23:21.0910 3948 NlaSvc - ok
08:23:21.0973 3948 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:23:22.0004 3948 Npfs - ok
08:23:22.0035 3948 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
08:23:22.0035 3948 nsi - ok
08:23:22.0051 3948 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:23:22.0051 3948 nsiproxy - ok
08:23:22.0176 3948 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:23:22.0207 3948 Ntfs - ok
08:23:22.0238 3948 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
08:23:22.0238 3948 ntrigdigi - ok
08:23:22.0269 3948 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
08:23:22.0269 3948 Null - ok
08:23:22.0301 3948 [ 1657F3FBD9061526C14FF37E79306F98 ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys
08:23:22.0316 3948 NVENETFD - ok
08:23:22.0629 3948 [ 1BFBB2820433236BE0877629EFFCF067 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:23:22.0863 3948 nvlddmkm - ok
08:23:22.0910 3948 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:23:22.0926 3948 nvraid - ok
08:23:22.0957 3948 [ 4A5FCAB82D9BF6AF8A023A66802FE9E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:23:22.0957 3948 nvstor - ok
08:23:22.0973 3948 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:23:22.0988 3948 nv_agp - ok
08:23:22.0988 3948 NwlnkFlt - ok
08:23:23.0004 3948 NwlnkFwd - ok
08:23:23.0176 3948 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:23:23.0191 3948 odserv - ok
08:23:23.0238 3948 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
08:23:23.0238 3948 ohci1394 - ok
08:23:23.0269 3948 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:23:23.0269 3948 ose - ok
08:23:23.0301 3948 [ 58ED675E69DBE2F58213EC5577D9606A ] ossrv C:\Windows\system32\drivers\ctoss2k.sys
08:23:23.0301 3948 ossrv - ok
08:23:23.0473 3948 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
08:23:23.0473 3948 p2pimsvc - ok
08:23:23.0566 3948 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
08:23:23.0566 3948 p2psvc - ok
08:23:23.0598 3948 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:23:23.0598 3948 Parport - ok
08:23:23.0676 3948 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:23:23.0676 3948 partmgr - ok
08:23:23.0723 3948 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
08:23:23.0723 3948 Parvdm - ok
08:23:23.0754 3948 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
08:23:23.0754 3948 PcaSvc - ok
08:23:23.0785 3948 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
08:23:23.0785 3948 pci - ok
08:23:23.0801 3948 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
08:23:23.0801 3948 pciide - ok
08:23:23.0832 3948 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:23:23.0848 3948 pcmcia - ok
08:23:24.0019 3948 [ 7CADB4ABAE72390951886CF259791F5F ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
08:23:24.0035 3948 PDFProFiltSrvPP - ok
08:23:24.0066 3948 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:23:24.0098 3948 PEAUTH - ok
08:23:24.0207 3948 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
08:23:24.0207 3948 pla - ok
08:23:24.0332 3948 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:23:24.0332 3948 PlugPlay - ok
08:23:24.0363 3948 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:23:24.0379 3948 Pml Driver HPZ12 - ok
08:23:24.0410 3948 [ 831883B107684301F48ACE752C963984 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
08:23:24.0410 3948 PnkBstrA - ok
08:23:24.0473 3948 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
08:23:24.0473 3948 PNRPAutoReg - ok
08:23:24.0582 3948 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
08:23:24.0582 3948 PNRPsvc - ok
08:23:24.0785 3948 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:23:24.0785 3948 PolicyAgent - ok
08:23:24.0832 3948 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:23:24.0848 3948 PptpMiniport - ok
08:23:24.0863 3948 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
08:23:24.0863 3948 Processor - ok
08:23:24.0957 3948 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
08:23:24.0957 3948 ProfSvc - ok
08:23:25.0004 3948 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
08:23:25.0004 3948 ProtectedStorage - ok
08:23:25.0066 3948 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
08:23:25.0082 3948 PSched - ok
08:23:25.0129 3948 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:23:25.0160 3948 ql2300 - ok
08:23:25.0191 3948 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:23:25.0191 3948 ql40xx - ok
08:23:25.0223 3948 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
08:23:25.0239 3948 QWAVE - ok
08:23:25.0255 3948 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:23:25.0270 3948 QWAVEdrv - ok
08:23:25.0552 3948 [ FCD4C95B1CB2A7DFBF8DF5609C74734A ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
08:23:25.0583 3948 R300 - ok
08:23:25.0630 3948 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:23:25.0630 3948 RasAcd - ok
08:23:25.0661 3948 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
08:23:25.0661 3948 RasAuto - ok
08:23:25.0708 3948 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:23:25.0708 3948 Rasl2tp - ok
08:23:25.0786 3948 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
08:23:25.0786 3948 RasMan - ok
08:23:25.0848 3948 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:23:25.0848 3948 RasPppoe - ok
08:23:25.0864 3948 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:23:25.0864 3948 RasSstp - ok
08:23:25.0927 3948 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:23:25.0927 3948 rdbss - ok
08:23:25.0942 3948 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:23:25.0942 3948 RDPCDD - ok
08:23:25.0973 3948 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
08:23:25.0973 3948 rdpdr - ok
08:23:25.0989 3948 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:23:25.0989 3948 RDPENCDD - ok
08:23:26.0114 3948 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:23:26.0130 3948 RDPWD - ok
08:23:26.0161 3948 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:23:26.0177 3948 RemoteAccess - ok
08:23:26.0286 3948 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:23:26.0286 3948 RemoteRegistry - ok
08:23:26.0364 3948 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
08:23:26.0364 3948 RimUsb - ok
08:23:26.0395 3948 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
08:23:26.0395 3948 RpcLocator - ok
08:23:26.0473 3948 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
08:23:26.0473 3948 RpcSs - ok
08:23:26.0536 3948 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:23:26.0536 3948 rspndr - ok
08:23:26.0552 3948 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
08:23:26.0552 3948 SamSs - ok
08:23:26.0598 3948 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:23:26.0677 3948 sbp2port - ok
08:23:26.0708 3948 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:23:26.0723 3948 SCardSvr - ok
08:23:26.0786 3948 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
08:23:26.0786 3948 Schedule - ok
08:23:26.0848 3948 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
08:23:26.0848 3948 SCPolicySvc - ok
08:23:26.0880 3948 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:23:26.0880 3948 SDRSVC - ok
08:23:26.0911 3948 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:23:26.0911 3948 secdrv - ok
08:23:26.0942 3948 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
08:23:26.0942 3948 seclogon - ok
08:23:26.0958 3948 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
08:23:26.0958 3948 SENS - ok
08:23:26.0989 3948 [ 6CD8DC61304BF5CA16FE48DC3039CC05 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl.sys
08:23:27.0005 3948 Ser2pl - ok
08:23:27.0036 3948 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:23:27.0036 3948 Serenum - ok
08:23:27.0036 3948 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:23:27.0036 3948 Serial - ok
08:23:27.0067 3948 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:23:27.0067 3948 sermouse - ok
08:23:27.0098 3948 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
08:23:27.0098 3948 SessionEnv - ok
08:23:27.0114 3948 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:23:27.0114 3948 sffdisk - ok
08:23:27.0130 3948 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:23:27.0130 3948 sffp_mmc - ok
08:23:27.0161 3948 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:23:27.0161 3948 sffp_sd - ok
08:23:27.0177 3948 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:23:27.0177 3948 sfloppy - ok
08:23:27.0286 3948 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:23:27.0286 3948 ShellHWDetection - ok
08:23:27.0317 3948 [ 8DF166BAA3301FAE21DB647BA88B1FDF ] SI3112 C:\Windows\system32\drivers\si3112.sys
08:23:27.0333 3948 SI3112 - ok
08:23:27.0348 3948 [ 1EF3C18C354CE300F22B84E63DF6A853 ] SiFilter C:\Windows\system32\drivers\siwinacc.sys
08:23:27.0348 3948 SiFilter - ok
08:23:27.0348 3948 [ 51FF6A650980EB887C90E74F0856226B ] SiRemFil C:\Windows\system32\drivers\siremfil.sys
08:23:27.0348 3948 SiRemFil - ok
08:23:27.0364 3948 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
08:23:27.0380 3948 sisagp - ok
08:23:27.0395 3948 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
08:23:27.0395 3948 SiSRaid2 - ok
08:23:27.0411 3948 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:23:27.0411 3948 SiSRaid4 - ok
08:23:27.0473 3948 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
08:23:27.0473 3948 SkypeUpdate - ok
08:23:27.0614 3948 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
08:23:27.0645 3948 slsvc - ok
08:23:27.0677 3948 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
08:23:27.0692 3948 SLUINotify - ok
08:23:27.0739 3948 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:23:27.0739 3948 Smb - ok
08:23:27.0770 3948 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:23:27.0770 3948 SNMPTRAP - ok
08:23:27.0817 3948 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
08:23:27.0817 3948 spldr - ok
08:23:27.0864 3948 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
08:23:27.0864 3948 Spooler - ok
08:23:28.0036 3948 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:23:28.0052 3948 srv - ok
08:23:28.0098 3948 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:23:28.0098 3948 srv2 - ok
08:23:28.0161 3948 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:23:28.0161 3948 srvnet - ok
08:23:28.0223 3948 [ A66600400DCC78E55783417F4D7F537A ] SR_Service C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
08:23:28.0223 3948 SR_Service - ok
08:23:28.0223 3948 [ 4B138C53D5B10C0477094719C930916E ] SR_Watchdog C:\Program Files\CheckPoint\SecuRemote\bin\SR_Watchdog.exe
08:23:28.0239 3948 SR_Watchdog - ok
08:23:28.0255 3948 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:23:28.0255 3948 SSDPSRV - ok
08:23:28.0302 3948 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:23:28.0302 3948 SstpSvc - ok
08:23:28.0333 3948 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
08:23:28.0333 3948 StillCam - ok
08:23:28.0395 3948 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
08:23:28.0411 3948 stisvc - ok
08:23:28.0411 3948 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
08:23:28.0411 3948 swenum - ok
08:23:28.0489 3948 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
08:23:28.0489 3948 swprv - ok
08:23:28.0536 3948 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
08:23:28.0552 3948 Symc8xx - ok
08:23:28.0567 3948 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
08:23:28.0567 3948 Sym_hi - ok
08:23:28.0614 3948 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
08:23:28.0614 3948 Sym_u3 - ok
08:23:28.0645 3948 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
08:23:28.0645 3948 SysMain - ok
08:23:28.0677 3948 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:23:28.0692 3948 TabletInputService - ok
08:23:28.0770 3948 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:23:28.0770 3948 TapiSrv - ok
08:23:28.0802 3948 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
08:23:28.0802 3948 TBS - ok
08:23:28.0958 3948 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:23:28.0973 3948 Tcpip - ok
08:23:29.0020 3948 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
08:23:29.0020 3948 Tcpip6 - ok
08:23:29.0098 3948 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:23:29.0098 3948 tcpipreg - ok
08:23:29.0114 3948 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:23:29.0114 3948 TDPIPE - ok
08:23:29.0130 3948 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:23:29.0130 3948 TDTCP - ok
08:23:29.0177 3948 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:23:29.0177 3948 tdx - ok
08:23:29.0192 3948 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
08:23:29.0192 3948 TermDD - ok
08:23:29.0255 3948 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
08:23:29.0270 3948 TermService - ok
08:23:29.0302 3948 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
08:23:29.0302 3948 Themes - ok
08:23:29.0333 3948 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
08:23:29.0333 3948 THREADORDER - ok
08:23:29.0380 3948 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
08:23:29.0380 3948 TrkWks - ok
08:23:29.0473 3948 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:23:29.0473 3948 TrustedInstaller - ok
08:23:29.0505 3948 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:23:29.0505 3948 tssecsrv - ok
08:23:29.0520 3948 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
08:23:29.0536 3948 tunmp - ok
08:23:29.0583 3948 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:23:29.0583 3948 tunnel - ok
08:23:29.0614 3948 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:23:29.0614 3948 uagp35 - ok
08:23:29.0661 3948 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:23:29.0661 3948 udfs - ok
08:23:29.0692 3948 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:23:29.0692 3948 UI0Detect - ok
08:23:29.0708 3948 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:23:29.0708 3948 uliagpkx - ok
08:23:29.0723 3948 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
08:23:29.0739 3948 uliahci - ok
08:23:29.0786 3948 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
08:23:29.0786 3948 UlSata - ok
08:23:29.0817 3948 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
08:23:29.0817 3948 ulsata2 - ok
08:23:29.0833 3948 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:23:29.0833 3948 umbus - ok
08:23:29.0864 3948 [ 88BD96A1BAEED33EE8BDF9499C07A841 ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
08:23:29.0864 3948 UMPass - ok
08:23:29.0895 3948 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
08:23:29.0895 3948 upnphost - ok
08:23:29.0942 3948 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
08:23:29.0942 3948 USBAAPL - ok
08:23:29.0989 3948 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
08:23:29.0989 3948 usbaudio - ok
08:23:30.0005 3948 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:23:30.0020 3948 usbccgp - ok
08:23:30.0036 3948 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:23:30.0036 3948 usbcir - ok
08:23:30.0083 3948 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:23:30.0083 3948 usbehci - ok
08:23:30.0114 3948 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:23:30.0114 3948 usbhub - ok
08:23:30.0130 3948 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
08:23:30.0130 3948 usbohci - ok
08:23:30.0161 3948 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
08:23:30.0161 3948 usbprint - ok
08:23:30.0192 3948 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:23:30.0192 3948 USBSTOR - ok
08:23:30.0208 3948 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:23:30.0223 3948 usbuhci - ok
08:23:30.0255 3948 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
08:23:30.0270 3948 usbvideo - ok
08:23:30.0333 3948 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
08:23:30.0333 3948 UxSms - ok
08:23:30.0442 3948 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
08:23:30.0458 3948 vds - ok
08:23:30.0520 3948 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:23:30.0536 3948 vga - ok
08:23:34.0193 3948 ‮etadpug - ok
08:23:34.0193 3948 ================ Scan global ===============================
08:23:34.0257 3948 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
08:23:34.0382 3948 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
08:23:34.0429 3948 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
08:23:34.0507 3948 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
08:23:34.0507 3948 [Global] - ok
08:23:34.0507 3948 ================ Scan MBR ==================================
08:23:34.0522 3948 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:23:35.0194 3948 \Device\Harddisk0\DR0 - ok
08:23:35.0194 3948 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
08:23:35.0272 3948 \Device\Harddisk1\DR1 - ok
08:23:35.0272 3948 ================ Scan VBR ==================================
08:23:35.0288 3948 [ 41957A4E3CB16BA36B61F0F47C68AA1F ] \Device\Harddisk0\DR0\Partition1
08:23:35.0288 3948 \Device\Harddisk0\DR0\Partition1 - ok
08:23:35.0304 3948 [ 05E69C97F4F4221A13654DD8CC57ABF3 ] \Device\Harddisk1\DR1\Partition1
08:23:35.0304 3948 \Device\Harddisk1\DR1\Partition1 - ok
08:23:35.0304 3948 ============================================================
08:23:35.0304 3948 Scan finished
08:23:35.0304 3948 ============================================================
08:23:35.0319 2360 Detected object count: 0
08:23:35.0319 2360 Actual detected object count: 0
08:23:46.0179 5952 Deinitialize success

# AdwCleaner v3.000 - Report created 14/08/2013 at 08:25:49
# Updated 13/08/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Jim - VISTABOX
# Running from : C:\Users\Jim\Desktop\AdwCleaner.exe

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Red Kawa\Video Converter App\OpenCandy
Folder Deleted : C:\Users\Jim\AppData\Local\Temp\OpenCandy

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] No bad entry found.

-\\ Mozilla Firefox v2.0.0.20 (en-US)

File Deleted : C:\Users\Heather\AppData\Roaming\Mozilla\Firefox\Profiles\ow9m5d4i.default\.autoreg
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\nvj916cr.default\user.js

[ File : C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\nvj916cr.default\prefs.js ]

[OK] No bad entry found.

[ File : C:\Users\Heather\AppData\Roaming\Mozilla\Firefox\Profiles\ow9m5d4i.default\prefs.js ]

[OK] No bad entry found.

-\\ Google Chrome v28.0.1500.95

Folder Deleted : C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

[ File : C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[OK] No bad entry found.

[ File : C:\Users\Deb\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[OK] No bad entry found.

[ File : C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[OK] No bad entry found.

*************************

AdwCleaner[0].txt - [2155 octets] - [14/08/2013 08:25:49]

########## EOF - C:\AdwCleaner\AdwCleaner[0].txt - [2214 octets] ##########


C:\AdwCleaner\Quarantine\C\Program Files\Red Kawa\Video Converter App\OpenCandy\OCSetupHlp.dll.vir Win32/OpenCandy application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jim\AppData\Local\Temp\OpenCandy\OCSetupHlp.dll.vir Win32/OpenCandy application cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\5D47.tmp Win32/Olmarik.AYY trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\D984.tmp Win32/Olmarik.AYY trojan cleaned by deleting - quarantined
C:\Users\Heather\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0DX5FNI\Zwinky.exe Win32/AdInstaller application cleaned by deleting - quarantined
C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C35E4BUU\js[1].php JS/Kryptik.L.Gen trojan cleaned by deleting - quarantined
C:\Users\Jim\AppData\Local\Temp\Low\67E7.tmp Win32/Olmarik.AYY trojan cleaned by deleting - quarantined
C:\Users\Jim\AppData\Local\Temp\Low\E453.tmp Win32/Olmarik.AYY trojan cleaned by deleting - quarantined
C:\Users\Jim\AppData\Local\Temp\Low\jar_cache10039.tmp multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\Local\Temp\Low\jar_cache35665.tmp multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\Local\Temp\Low\jar_cache35955.tmp multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\Local\Temp\Low\jar_cache64409.tmp multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\Local\Temp\Low\jar_cache7056.tmp multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\4ae46b41-6ddb9a49 multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3256e392-1676c65c Java/Exploit.Agent.PFX trojan cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\63edc45a-1fb6c26e multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\338db19b-4b3834ec multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\22dbef9c-46c55876 multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\2a5b58e1-33ce0d2a Java/Exploit.Agent.NCD trojan cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\79093ce2-2cccc7ad Java/Exploit.Agent.OWN trojan cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\280f8327-57bbd350 multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\301cb2ab-12e15963 Java/Exploit.Agent.PDX trojan cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\7b354585-40c80e17 multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\7abdcbf2-47bc465b multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\554daa34-2a738a46 multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\554daa34-2c90bd71 multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\554daa34-4e215ab5 multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\554daa34-53587a3b multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\554daa34-5bcf8abb multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\5bf516b4-3c610f71 multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\17181a76-4978e250 multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\de0bcf6-4dc45ccb multiple threats cleaned by deleting - quarantined
C:\Users\Jim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\390c47f-5b7a5d27 multiple threats cleaned by deleting - quarantined
D:\VISTABOX\Backup Set 2009-02-22 030000\Backup Files 2011-11-27 030001\Backup files 1.zip multiple threats deleted - quarantined
D:\VISTABOX\Backup Set 2009-02-22 030000\Backup Files 2012-06-10 030001\Backup files 2.zip Java/Exploit.Agent.NCD trojan deleted - quarantined
D:\VISTABOX\Backup Set 2009-02-22 030000\Backup Files 2013-01-06 030001\Backup files 1.zip multiple threats deleted - quarantined
D:\VISTABOX\Backup Set 2009-02-22 030000\Backup Files 2013-03-31 030001\Backup files 1.zip multiple threats deleted - quarantined
D:\VISTABOX\Backup Set 2009-02-22 030000\Backup Files 2013-04-21 030001\Backup files 1.zip multiple threats deleted - quarantined
D:\VISTABOX\Backup Set 2013-04-22 221401\Backup Files 2013-04-22 221401\Backup files 86.zip multiple threats deleted - quarantined
D:\VISTABOX\Backup Set 2013-04-22 221401\Backup Files 2013-06-09 030002\Backup files 1.zip multiple threats deleted - quarantined
D:\VISTABOX\Backup Set 2013-04-22 221401\Backup Files 2013-06-23 030002\Backup files 1.zip multiple threats deleted - quarantined
D:\VISTABOX\Backup Set 2013-04-22 221401\Backup Files 2013-07-07 030002\Backup files 1.zip multiple threats deleted - quarantined
D:\VISTABOX\Backup Set 2013-04-22 221401\Backup Files 2013-07-14 030002\Backup files 2.zip multiple threats deleted - quarantined
D:\VISTABOX\Backup Set 2013-04-22 221401\Backup Files 2013-08-04 030002\Backup files 1.zip multiple threats deleted - quarantined
D:\VISTABOX\Backup Set 2013-04-22 221401\Backup Files 2013-08-11 030002\Backup files 1.zip Java/Exploit.Agent.PDX trojan deleted - quarantined

#5 boopme

  • Global Moderator
Posted 14 August 2013 - 07:52 PM

That was a lot of bad things removed.
What language is that?

How is it running now?

In Control Panel, uninstall:
Adobe Reader X (10.1.6) (Version: 10.1.6)
Java™ 6 Update 7 (Version: 1.6.0.70)


Go to Start ... Run and type in cmd
A DOS window will appear.
Type in the DOS window: netsh winsock reset
Click on the Enter key.

Reboot your system to complete the process.

#6 james.potteiger

  • Topic Starter


Posted 24 August 2013 - 08:35 AM

Sorry for the slow reply. I have been out of town. If you are asking about the language in the output files, it appears strange because when I paste text it is backwards. I think I need a mirror to read it! :-)

Things are much better but I am still having a problem with IE and am not sure if it is related. Whenever I try to open or save a file from IE, I get an error message that it contained a virus and was deleted. I KNOW that all of the files are not infected. Any thoughts?



