
FLV virus


10 replies to this topic

#1 goclagoc

goclagoc

  • Members
  • 8 posts

Posted 19 August 2013 - 09:17 AM

I came here because I seem to have contracted the FLV virus. I looked on Yahoo for a solution, and one of the responses recommended that I come here.

Anyone got any solutions?

 

*Moderator Edit: Moved topic from XP to the more appropriate forum.  Also changed topic title to one descriptive of the issue~ Queen-Evie*

 


Edited by Queen-Evie, 19 August 2013 - 09:33 AM.



 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • Gender:Male
  • Location:NJ USA

Posted 19 August 2013 - 04:23 PM

Hello, can you run these?

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on Change parameters and select TDLFS file system.
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Lastly, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 goclagoc

goclagoc
  • Topic Starter

  • Members
  • 8 posts

Posted 20 August 2013 - 12:11 AM

here is the report from MINI TOOL BOX

MiniToolBox by Farbar  Version: 13-07-2013
Ran by user (administrator) on 19-08-2013 at 18:26:45
Running from "C:\Documents and Settings\user\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : 3NDGW71

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : wi.rr.com



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : wi.rr.com

        Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller

        Physical Address. . . . . . . . . : 00-12-3F-44-D3-9F

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.144

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 209.18.47.61

                                            209.18.47.62

                                            192.168.1.1

        Lease Obtained. . . . . . . . . . : Monday, August 19, 2013 1:17:34 PM

        Lease Expires . . . . . . . . . . : Tuesday, August 20, 2013 1:17:34 PM

Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  173.194.46.65, 173.194.46.66, 173.194.46.67, 173.194.46.68
      173.194.46.69, 173.194.46.70, 173.194.46.71, 173.194.46.72, 173.194.46.73
      173.194.46.78, 173.194.46.64



Pinging google.com [173.194.46.64] with 32 bytes of data:



Reply from 173.194.46.64: bytes=32 time=13ms TTL=52

Reply from 173.194.46.64: bytes=32 time=13ms TTL=52



Ping statistics for 173.194.46.64:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 13ms, Maximum = 13ms, Average = 13ms

Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=153ms TTL=41

Reply from 98.139.183.24: bytes=32 time=101ms TTL=41



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 101ms, Maximum = 153ms, Average = 127ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 12 3f 44 d3 9f ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.144      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0    192.168.1.144   192.168.1.144      20
      192.168.1.0    255.255.255.0    192.168.1.144   192.168.1.144      20
    192.168.1.144  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255    192.168.1.144   192.168.1.144      20
        224.0.0.0        240.0.0.0    192.168.1.144   192.168.1.144      20
  255.255.255.255  255.255.255.255    192.168.1.144   192.168.1.144      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/19/2013 04:57:45 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/19/2013 04:57:45 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/19/2013 04:54:45 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/19/2013 04:54:45 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/19/2013 03:12:44 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/19/2013 03:12:44 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/19/2013 02:57:44 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/19/2013 02:57:44 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/19/2013 01:17:43 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/19/2013 01:17:43 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.


System errors:
=============
Error: (08/19/2013 10:34:12 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service SENS with arguments ""
in order to run the server:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error: (08/19/2013 10:34:12 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service SENS with arguments ""
in order to run the server:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error: (08/19/2013 10:05:50 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2742596).

Error: (08/19/2013 10:05:45 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2604111).

Error: (08/19/2013 10:05:18 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2604092).

Error: (08/19/2013 10:05:13 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2840629).

Error: (08/19/2013 10:05:09 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2804577).

Error: (08/19/2013 10:05:05 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2657424).

Error: (08/19/2013 10:05:01 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2736416).

Error: (08/19/2013 10:04:57 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Update for Windows Server 2003 and Windows XP x86 (KB982524).


Microsoft Office Sessions:
=========================
Error: (08/19/2013 04:57:45 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (08/19/2013 04:57:45 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (08/19/2013 04:54:45 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (08/19/2013 04:54:45 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (08/19/2013 03:12:44 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (08/19/2013 03:12:44 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (08/19/2013 02:57:44 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (08/19/2013 02:57:44 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (08/19/2013 01:17:43 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (08/19/2013 01:17:43 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.6.602.171)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Amazon Cloud Player (Version: 1.1.0.337)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AVG SafeGuard toolbar (Version: 15.4.0.5)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit Integrated Controller (Version: 8.10.07)
ImgBurn (Version: 2.5.7.0)
InsiderFootball 2013 (Version: 1.5.56)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4410)
iTunes (Version: 11.0.4.4)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
LyricXeeker
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
Norton Internet Security (Version: 20.4.0.40)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
SAMSUNG Intelli-studio (Version: 3.1.32.1)
SoundMAX (Version: 5.12.01.5246)
TopArcadeHits
VLC media player 2.0.5 (Version: 2.0.5)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Media Format 11 runtime
Windows Media Player 11
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 1014.07 MB
Available physical RAM: 594.43 MB
Total Pagefile: 2439.39 MB
Available Pagefile: 1760.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.57 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149.01 GB) (Free:134.87 GB) NTFS

========================= Users: ========================================

User accounts for \\3NDGW71

Administrator            Guest                    HelpAssistant            
SUPPORT_388945a0         user                     


**** End of log ****
 



#4 goclagoc

goclagoc
  • Topic Starter

  • Members
  • 8 posts

Posted 20 August 2013 - 12:13 AM

HERE'S THE REPORT FROM TDSSKiller

18:29:06.0328 0x04fc  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
18:29:06.0844 0x04fc  ============================================================
18:29:06.0844 0x04fc  Current date / time: 2013/08/19 18:29:06.0844
18:29:06.0844 0x04fc  SystemInfo:
18:29:06.0844 0x04fc  
18:29:06.0844 0x04fc  OS Version: 5.1.2600 ServicePack: 3.0
18:29:06.0844 0x04fc  Product type: Workstation
18:29:06.0844 0x04fc  ComputerName: 3NDGW71
18:29:06.0844 0x04fc  UserName: user
18:29:06.0844 0x04fc  Windows directory: C:\WINDOWS
18:29:06.0844 0x04fc  System windows directory: C:\WINDOWS
18:29:06.0844 0x04fc  Processor architecture: Intel x86
18:29:06.0844 0x04fc  Number of processors: 2
18:29:06.0844 0x04fc  Page size: 0x1000
18:29:06.0844 0x04fc  Boot type: Normal boot
18:29:06.0844 0x04fc  ============================================================
18:29:08.0172 0x04fc  Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:29:08.0188 0x04fc  ============================================================
18:29:08.0188 0x04fc  \Device\Harddisk0\DR0:
18:29:08.0188 0x04fc  MBR partitions:
18:29:08.0188 0x04fc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A050BD
18:29:08.0188 0x04fc  ============================================================
18:29:08.0203 0x04fc  C: <-> \Device\Harddisk0\DR0\Partition1
18:29:08.0203 0x04fc  ============================================================
18:29:08.0203 0x04fc  Initialize success
18:29:08.0203 0x04fc  ============================================================
18:29:13.0407 0x0cfc  ============================================================
18:29:13.0407 0x0cfc  Scan started
18:29:13.0407 0x0cfc  Mode: Manual;
18:29:13.0407 0x0cfc  ============================================================
18:29:13.0610 0x0cfc  ================ Scan system memory ========================
18:29:13.0610 0x0cfc  System memory - ok
18:29:15.0532 0x0cfc  ialm - ok
18:29:15.0625 0x0cfc  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:29:15.0625 0x0cfc  idsvc - ok
18:29:15.0672 0x0cfc  [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130813.001\IDSxpx86.sys
18:29:15.0672 0x0cfc  IDSxpx86 - ok
18:29:15.0688 0x0cfc  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:29:15.0688 0x0cfc  Imapi - ok
18:29:15.0704 0x0cfc  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:29:15.0704 0x0cfc  ImapiService - ok
18:29:15.0719 0x0cfc  ini910u - ok
18:29:15.0719 0x0cfc  IntelIde - ok
18:29:15.0735 0x0cfc  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:29:15.0735 0x0cfc  intelppm - ok
18:29:15.0750 0x0cfc  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:29:15.0750 0x0cfc  Ip6Fw - ok
18:29:15.0766 0x0cfc  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:29:15.0766 0x0cfc  IpFilterDriver - ok
18:29:15.0782 0x0cfc  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:29:15.0782 0x0cfc  IpInIp - ok
18:29:15.0797 0x0cfc  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:29:15.0797 0x0cfc  IpNat - ok
18:29:15.0829 0x0cfc  [ FE56897B27ED266F9C4E7D90A0B5DA47 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:29:15.0844 0x0cfc  iPod Service - ok
18:29:15.0860 0x0cfc  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:29:15.0860 0x0cfc  IPSec - ok
18:29:15.0875 0x0cfc  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:29:15.0875 0x0cfc  IRENUM - ok
18:29:15.0891 0x0cfc  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:29:15.0891 0x0cfc  isapnp - ok
18:29:15.0922 0x0cfc  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
18:29:15.0922 0x0cfc  JavaQuickStarterService - ok
18:29:15.0938 0x0cfc  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:29:15.0938 0x0cfc  Kbdclass - ok
18:29:15.0954 0x0cfc  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:29:15.0954 0x0cfc  kbdhid - ok
18:29:15.0985 0x0cfc  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:29:15.0985 0x0cfc  kmixer - ok
18:29:15.0985 0x0cfc  [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:29:15.0985 0x0cfc  KSecDD - ok
18:29:16.0016 0x0cfc  [ F385F4B02C535BFFE1D70CAB80838123 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
18:29:16.0016 0x0cfc  LanmanServer - ok
18:29:16.0032 0x0cfc  [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:29:16.0032 0x0cfc  lanmanworkstation - ok
18:29:16.0032 0x0cfc  lbrtfdc - ok
18:29:16.0063 0x0cfc  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:29:16.0063 0x0cfc  LmHosts - ok
18:29:16.0079 0x0cfc  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:29:16.0079 0x0cfc  Messenger - ok
18:29:16.0079 0x0cfc  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:29:16.0079 0x0cfc  mnmdd - ok
18:29:16.0110 0x0cfc  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:29:16.0110 0x0cfc  mnmsrvc - ok
18:29:16.0125 0x0cfc  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:29:16.0125 0x0cfc  Modem - ok
18:29:16.0141 0x0cfc  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:29:16.0141 0x0cfc  Mouclass - ok
18:29:16.0157 0x0cfc  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:29:16.0157 0x0cfc  mouhid - ok
18:29:16.0157 0x0cfc  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:29:16.0172 0x0cfc  MountMgr - ok
18:29:16.0188 0x0cfc  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:29:16.0188 0x0cfc  MozillaMaintenance - ok
18:29:16.0188 0x0cfc  mraid35x - ok
18:29:16.0204 0x0cfc  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:29:16.0204 0x0cfc  MRxDAV - ok
18:29:16.0235 0x0cfc  [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:29:16.0235 0x0cfc  MRxSmb - ok
18:29:16.0250 0x0cfc  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
18:29:16.0250 0x0cfc  MSDTC - ok
18:29:16.0266 0x0cfc  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:29:16.0266 0x0cfc  Msfs - ok
18:29:16.0282 0x0cfc  MSIServer - ok
18:29:16.0297 0x0cfc  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:29:16.0297 0x0cfc  MSKSSRV - ok
18:29:16.0297 0x0cfc  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:29:16.0297 0x0cfc  MSPCLOCK - ok
18:29:16.0313 0x0cfc  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:29:16.0313 0x0cfc  MSPQM - ok
18:29:16.0329 0x0cfc  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:29:16.0329 0x0cfc  mssmbios - ok
18:29:16.0329 0x0cfc  [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:29:16.0329 0x0cfc  Mup - ok
18:29:16.0360 0x0cfc  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:29:16.0360 0x0cfc  napagent - ok
18:29:16.0391 0x0cfc  [ CE2156DF796D41614AB60E68D107D573 ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130819.017\NAVENG.SYS
18:29:16.0391 0x0cfc  NAVENG - ok
18:29:16.0422 0x0cfc  [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130819.017\NAVEX15.SYS
18:29:16.0454 0x0cfc  NAVEX15 - ok
18:29:16.0469 0x0cfc  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:29:16.0469 0x0cfc  NDIS - ok
18:29:16.0485 0x0cfc  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:29:16.0485 0x0cfc  NdisTapi - ok
18:29:16.0500 0x0cfc  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:29:16.0500 0x0cfc  Ndisuio - ok
18:29:16.0516 0x0cfc  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:29:16.0516 0x0cfc  NdisWan - ok
18:29:16.0532 0x0cfc  [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:29:16.0532 0x0cfc  NDProxy - ok
18:29:16.0532 0x0cfc  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:29:16.0532 0x0cfc  NetBIOS - ok
18:29:16.0547 0x0cfc  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:29:16.0563 0x0cfc  NetBT - ok
18:29:16.0579 0x0cfc  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:29:16.0579 0x0cfc  NetDDE - ok
18:29:16.0594 0x0cfc  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:29:16.0594 0x0cfc  NetDDEdsdm - ok
18:29:16.0610 0x0cfc  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:29:16.0610 0x0cfc  Netlogon - ok
18:29:16.0625 0x0cfc  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
18:29:16.0625 0x0cfc  Netman - ok
18:29:16.0672 0x0cfc  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:29:16.0672 0x0cfc  NetTcpPortSharing - ok
18:29:16.0688 0x0cfc  [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS             C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
18:29:16.0688 0x0cfc  NIS - ok
18:29:16.0719 0x0cfc  [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:29:16.0719 0x0cfc  Nla - ok
18:29:16.0735 0x0cfc  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:29:16.0735 0x0cfc  Npfs - ok
18:29:16.0750 0x0cfc  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:29:16.0766 0x0cfc  Ntfs - ok
18:29:16.0766 0x0cfc  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:29:16.0766 0x0cfc  NtLmSsp - ok
18:29:16.0797 0x0cfc  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:29:16.0813 0x0cfc  NtmsSvc - ok
18:29:16.0813 0x0cfc  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:29:16.0813 0x0cfc  Null - ok
18:29:16.0844 0x0cfc  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:29:16.0844 0x0cfc  NwlnkFlt - ok
18:29:16.0860 0x0cfc  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:29:16.0860 0x0cfc  NwlnkFwd - ok
18:29:16.0875 0x0cfc  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
18:29:16.0875 0x0cfc  Parport - ok
18:29:16.0891 0x0cfc  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:29:16.0891 0x0cfc  PartMgr - ok
18:29:16.0907 0x0cfc  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:29:16.0907 0x0cfc  ParVdm - ok
18:29:16.0907 0x0cfc  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:29:16.0922 0x0cfc  PCI - ok
18:29:16.0922 0x0cfc  PCIDump - ok
18:29:16.0922 0x0cfc  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:29:16.0922 0x0cfc  PCIIde - ok
18:29:16.0954 0x0cfc  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:29:16.0954 0x0cfc  Pcmcia - ok
18:29:16.0954 0x0cfc  PDCOMP - ok
18:29:16.0969 0x0cfc  PDFRAME - ok
18:29:16.0969 0x0cfc  PDRELI - ok
18:29:16.0969 0x0cfc  PDRFRAME - ok
18:29:16.0985 0x0cfc  perc2 - ok
18:29:16.0985 0x0cfc  perc2hib - ok
18:29:17.0016 0x0cfc  [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay        C:\WINDOWS\system32\services.exe
18:29:17.0016 0x0cfc  PlugPlay - ok
18:29:17.0032 0x0cfc  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:29:17.0032 0x0cfc  PolicyAgent - ok
18:29:17.0032 0x0cfc  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:29:17.0032 0x0cfc  PptpMiniport - ok
18:29:17.0047 0x0cfc  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:29:17.0047 0x0cfc  ProtectedStorage - ok
18:29:17.0047 0x0cfc  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:29:17.0063 0x0cfc  PSched - ok
18:29:17.0063 0x0cfc  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:29:17.0063 0x0cfc  Ptilink - ok
18:29:17.0079 0x0cfc  ql1080 - ok
18:29:17.0079 0x0cfc  Ql10wnt - ok
18:29:17.0079 0x0cfc  ql12160 - ok
18:29:17.0094 0x0cfc  ql1240 - ok
18:29:17.0094 0x0cfc  ql1280 - ok
18:29:17.0110 0x0cfc  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:29:17.0110 0x0cfc  RasAcd - ok
18:29:17.0125 0x0cfc  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:29:17.0125 0x0cfc  RasAuto - ok
18:29:17.0141 0x0cfc  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:29:17.0141 0x0cfc  Rasl2tp - ok
18:29:17.0157 0x0cfc  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:29:17.0172 0x0cfc  RasMan - ok
18:29:17.0172 0x0cfc  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:29:17.0172 0x0cfc  RasPppoe - ok
18:29:17.0188 0x0cfc  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:29:17.0188 0x0cfc  Raspti - ok
18:29:17.0188 0x0cfc  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:29:17.0204 0x0cfc  Rdbss - ok
18:29:17.0204 0x0cfc  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:29:17.0204 0x0cfc  RDPCDD - ok
18:29:17.0219 0x0cfc  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:29:17.0219 0x0cfc  rdpdr - ok
18:29:17.0250 0x0cfc  [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:29:17.0250 0x0cfc  RDPWD - ok
18:29:17.0266 0x0cfc  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:29:17.0266 0x0cfc  RDSessMgr - ok
18:29:17.0282 0x0cfc  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:29:17.0282 0x0cfc  redbook - ok
18:29:17.0313 0x0cfc  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:29:17.0313 0x0cfc  RemoteAccess - ok
18:29:17.0313 0x0cfc  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:29:17.0329 0x0cfc  RemoteRegistry - ok
18:29:17.0344 0x0cfc  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:29:17.0344 0x0cfc  RpcLocator - ok
18:29:17.0360 0x0cfc  [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:29:17.0360 0x0cfc  RpcSs - ok
18:29:17.0391 0x0cfc  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:29:17.0407 0x0cfc  RSVP - ok
18:29:17.0407 0x0cfc  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:29:17.0422 0x0cfc  SamSs - ok
18:29:17.0438 0x0cfc  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:29:17.0438 0x0cfc  SCardSvr - ok
18:29:17.0454 0x0cfc  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:29:17.0454 0x0cfc  Schedule - ok
18:29:17.0469 0x0cfc  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:29:17.0469 0x0cfc  Secdrv - ok
18:29:17.0500 0x0cfc  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:29:17.0500 0x0cfc  seclogon - ok
18:29:17.0516 0x0cfc  [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt         C:\WINDOWS\system32\drivers\senfilt.sys
18:29:17.0532 0x0cfc  senfilt - ok
18:29:17.0547 0x0cfc  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
18:29:17.0563 0x0cfc  SENS - ok
18:29:17.0563 0x0cfc  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:29:17.0563 0x0cfc  serenum - ok
18:29:17.0594 0x0cfc  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:29:17.0594 0x0cfc  Serial - ok
18:29:17.0610 0x0cfc  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:29:17.0610 0x0cfc  Sfloppy - ok
18:29:17.0641 0x0cfc  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:29:17.0641 0x0cfc  SharedAccess - ok
18:29:17.0657 0x0cfc  [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:29:17.0657 0x0cfc  ShellHWDetection - ok
18:29:17.0672 0x0cfc  Simbad - ok
18:29:17.0704 0x0cfc  [ C6D9959E493682F872A639B6EC1B4A08 ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys
18:29:17.0704 0x0cfc  smwdm - ok
18:29:17.0704 0x0cfc  Sparrow - ok
18:29:17.0719 0x0cfc  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:29:17.0719 0x0cfc  splitter - ok
18:29:17.0735 0x0cfc  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:29:17.0735 0x0cfc  Spooler - ok
18:29:17.0750 0x0cfc  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:29:17.0750 0x0cfc  sr - ok
18:29:17.0766 0x0cfc  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
18:29:17.0782 0x0cfc  srservice - ok
18:29:17.0797 0x0cfc  [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP           C:\WINDOWS\system32\drivers\NIS\1404000.028\SRTSP.SYS
18:29:17.0813 0x0cfc  SRTSP - ok
18:29:17.0813 0x0cfc  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\WINDOWS\system32\drivers\NIS\1404000.028\SRTSPX.SYS
18:29:17.0813 0x0cfc  SRTSPX - ok
18:29:17.0829 0x0cfc  [ 5252605079810904E31C332E241CD59B ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:29:17.0829 0x0cfc  Srv - ok
18:29:17.0844 0x0cfc  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:29:17.0844 0x0cfc  SSDPSRV - ok
18:29:17.0875 0x0cfc  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:29:17.0891 0x0cfc  stisvc - ok
18:29:17.0891 0x0cfc  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:29:17.0891 0x0cfc  swenum - ok
18:29:17.0907 0x0cfc  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:29:17.0907 0x0cfc  swmidi - ok
18:29:17.0922 0x0cfc  SwPrv - ok
18:29:17.0922 0x0cfc  symc810 - ok
18:29:17.0922 0x0cfc  symc8xx - ok
18:29:17.0938 0x0cfc  [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS           C:\WINDOWS\system32\drivers\NIS\1404000.028\SYMDS.SYS
18:29:17.0954 0x0cfc  SymDS - ok
18:29:17.0985 0x0cfc  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\WINDOWS\system32\drivers\NIS\1404000.028\SYMEFA.SYS
18:29:18.0000 0x0cfc  SymEFA - ok
18:29:18.0016 0x0cfc  [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
18:29:18.0016 0x0cfc  SymEvent - ok
18:29:18.0032 0x0cfc  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\WINDOWS\system32\drivers\NIS\1404000.028\Ironx86.SYS
18:29:18.0032 0x0cfc  SymIRON - ok
18:29:18.0047 0x0cfc  [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI          C:\WINDOWS\system32\drivers\NIS\1404000.028\SYMTDI.SYS
18:29:18.0047 0x0cfc  SYMTDI - ok
18:29:18.0063 0x0cfc  sym_hi - ok
18:29:18.0063 0x0cfc  sym_u3 - ok
18:29:18.0079 0x0cfc  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:29:18.0079 0x0cfc  sysaudio - ok
18:29:18.0094 0x0cfc  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:29:18.0110 0x0cfc  SysmonLog - ok
18:29:18.0141 0x0cfc  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:29:18.0141 0x0cfc  TapiSrv - ok
18:29:18.0157 0x0cfc  [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:29:18.0157 0x0cfc  Tcpip - ok
18:29:18.0172 0x0cfc  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:29:18.0172 0x0cfc  TDPIPE - ok
18:29:18.0188 0x0cfc  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:29:18.0188 0x0cfc  TDTCP - ok
18:29:18.0204 0x0cfc  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:29:18.0204 0x0cfc  TermDD - ok
18:29:18.0219 0x0cfc  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
18:29:18.0219 0x0cfc  TermService - ok
18:29:18.0235 0x0cfc  [ 1926899BF9FFE2602B63074971700412 ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:29:18.0235 0x0cfc  Themes - ok
18:29:18.0250 0x0cfc  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
18:29:18.0250 0x0cfc  TlntSvr - ok
18:29:18.0266 0x0cfc  TosIde - ok
18:29:18.0282 0x0cfc  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:29:18.0282 0x0cfc  TrkWks - ok
18:29:18.0297 0x0cfc  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:29:18.0313 0x0cfc  Udfs - ok
18:29:18.0313 0x0cfc  ultra - ok
18:29:18.0329 0x0cfc  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:29:18.0329 0x0cfc  Update - ok
18:29:18.0344 0x0cfc  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:29:18.0360 0x0cfc  upnphost - ok
18:29:18.0360 0x0cfc  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
18:29:18.0375 0x0cfc  UPS - ok
18:29:18.0391 0x0cfc  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
18:29:18.0391 0x0cfc  USBAAPL - ok
18:29:18.0407 0x0cfc  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:29:18.0407 0x0cfc  usbccgp - ok
18:29:18.0422 0x0cfc  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:29:18.0422 0x0cfc  usbehci - ok
18:29:18.0422 0x0cfc  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:29:18.0438 0x0cfc  usbhub - ok
18:29:18.0454 0x0cfc  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:29:18.0454 0x0cfc  usbscan - ok
18:29:18.0469 0x0cfc  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:29:18.0469 0x0cfc  USBSTOR - ok
18:29:18.0485 0x0cfc  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:29:18.0485 0x0cfc  usbuhci - ok
18:29:18.0485 0x0cfc  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:29:18.0485 0x0cfc  VgaSave - ok
18:29:18.0500 0x0cfc  ViaIde - ok
18:29:18.0500 0x0cfc  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:29:18.0516 0x0cfc  VolSnap - ok
18:29:18.0563 0x0cfc  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
18:29:18.0563 0x0cfc  VSS - ok
18:29:18.0625 0x0cfc  [ 2F208AD0E44992E5FF1CB7C6B699C263 ] vToolbarUpdater15.4.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
18:29:18.0657 0x0cfc  vToolbarUpdater15.4.0 - ok
18:29:18.0688 0x0cfc  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
18:29:18.0688 0x0cfc  W32Time - ok
18:29:18.0704 0x0cfc  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:29:18.0704 0x0cfc  Wanarp - ok
18:29:18.0704 0x0cfc  WDICA - ok
18:29:18.0735 0x0cfc  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:29:18.0735 0x0cfc  wdmaud - ok
18:29:18.0750 0x0cfc  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:29:18.0750 0x0cfc  WebClient - ok
18:29:18.0782 0x0cfc  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:29:18.0797 0x0cfc  winmgmt - ok
18:29:18.0813 0x0cfc  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
18:29:18.0829 0x0cfc  WmdmPmSN - ok
18:29:18.0844 0x0cfc  [ BAB489A5FE26F2D0C910CF7AF7E4CF92 ] Wmi             C:\WINDOWS\System32\advapi32.dll
18:29:18.0844 0x0cfc  Wmi - ok
18:29:18.0875 0x0cfc  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:29:18.0875 0x0cfc  WmiApSrv - ok
18:29:18.0922 0x0cfc  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
18:29:18.0954 0x0cfc  WMPNetworkSvc - ok
18:29:18.0985 0x0cfc  [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:29:19.0000 0x0cfc  WPFFontCache_v0400 - ok
18:29:19.0016 0x0cfc  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:29:19.0032 0x0cfc  wscsvc - ok
18:29:19.0047 0x0cfc  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:29:19.0047 0x0cfc  wuauserv - ok
18:29:19.0063 0x0cfc  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:29:19.0063 0x0cfc  WudfPf - ok
18:29:19.0079 0x0cfc  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:29:19.0079 0x0cfc  WudfRd - ok
18:29:19.0094 0x0cfc  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
18:29:19.0094 0x0cfc  WudfSvc - ok
18:29:19.0110 0x0cfc  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:29:19.0125 0x0cfc  WZCSVC - ok
18:29:19.0141 0x0cfc  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:29:19.0157 0x0cfc  xmlprov - ok
18:29:19.0172 0x0cfc  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
18:29:19.0188 0x0cfc  YahooAUService - ok
18:29:19.0188 0x0cfc  ================ Scan global ===============================
18:29:19.0204 0x0cfc  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:29:19.0204 0x0cfc  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
18:29:19.0219 0x0cfc  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
18:29:19.0235 0x0cfc  [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
18:29:19.0235 0x0cfc  [Global] - ok
18:29:19.0235 0x0cfc  ================ Scan MBR ==================================
18:29:19.0250 0x0cfc  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:29:19.0360 0x0cfc  \Device\Harddisk0\DR0 - ok
18:29:19.0360 0x0cfc  ================ Scan VBR ==================================
18:29:19.0360 0x0cfc  [ AF3157BA8B2453006A0FBFD87F061EC0 ] \Device\Harddisk0\DR0\Partition1
18:29:19.0375 0x0cfc  \Device\Harddisk0\DR0\Partition1 - ok
18:29:19.0375 0x0cfc  ============================================================
18:29:19.0375 0x0cfc  Scan finished
18:29:19.0375 0x0cfc  ============================================================
18:29:19.0391 0x0e6c  Detected object count: 0
18:29:19.0391 0x0e6c  Actual detected object count: 0
18:29:53.0251 0x0efc  ============================================================
18:29:53.0251 0x0efc  Scan started
18:29:53.0251 0x0efc  Mode: Manual; TDLFS;
18:29:53.0251 0x0efc  ============================================================
18:29:53.0329 0x0efc  ================ Scan system memory ========================
18:29:53.0329 0x0efc  System memory - ok
18:29:53.0329 0x0efc  ================ Scan services =============================
18:29:54.0079 0x0efc  Changer - ok
18:29:54.0094 0x0efc  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:29:54.0094 0x0efc  CiSvc - ok
18:29:54.0110 0x0efc  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:29:54.0110 0x0efc  ClipSrv - ok
18:29:54.0141 0x0efc  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:29:54.0141 0x0efc  clr_optimization_v2.0.50727_32 - ok
18:29:54.0173 0x0efc  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:29:54.0173 0x0efc  clr_optimization_v4.0.30319_32 - ok
18:29:54.0173 0x0efc  CmdIde - ok
18:29:54.0188 0x0efc  COMSysApp - ok
18:29:54.0188 0x0efc  Cpqarray - ok
18:29:54.0219 0x0efc  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:29:54.0219 0x0efc  CryptSvc - ok
18:29:54.0219 0x0efc  dac2w2k - ok
18:29:54.0235 0x0efc  dac960nt - ok
18:29:54.0251 0x0efc  [ 2589FE6015A316C0F5D5112B4DA7B509 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:29:54.0266 0x0efc  DcomLaunch - ok
18:29:54.0282 0x0efc  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:29:54.0282 0x0efc  Dhcp - ok
18:29:54.0298 0x0efc  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:29:54.0298 0x0efc  Disk - ok
18:29:54.0298 0x0efc  dmadmin - ok
18:29:54.0329 0x0efc  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:29:54.0329 0x0efc  dmboot - ok
18:29:54.0360 0x0efc  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\DRIVERS\dmio.sys
18:29:54.0360 0x0efc  dmio - ok
18:29:54.0360 0x0efc  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:29:54.0360 0x0efc  dmload - ok
18:29:54.0376 0x0efc  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:29:54.0376 0x0efc  dmserver - ok
18:29:54.0391 0x0efc  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:29:54.0391 0x0efc  DMusic - ok
18:29:54.0423 0x0efc  [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:29:54.0423 0x0efc  Dnscache - ok
18:29:54.0438 0x0efc  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:29:54.0438 0x0efc  Dot3svc - ok
18:29:54.0438 0x0efc  dpti2o - ok
18:29:54.0454 0x0efc  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:29:54.0454 0x0efc  drmkaud - ok
18:29:54.0469 0x0efc  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:29:54.0469 0x0efc  EapHost - ok
18:29:54.0501 0x0efc  [ 031F3DC72315C7C9E2CFE7F9AE3AC239 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
18:29:54.0501 0x0efc  eeCtrl - ok
18:29:54.0516 0x0efc  [ 1530CE335048994396D27A91980D2F6A ] EraserUtilDrv11310 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys
18:29:54.0516 0x0efc  EraserUtilDrv11310 - ok
18:29:54.0532 0x0efc  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:29:54.0532 0x0efc  EraserUtilRebootDrv - ok
18:29:54.0548 0x0efc  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:29:54.0548 0x0efc  ERSvc - ok
18:29:54.0579 0x0efc  [ 0E776ED5F7CC9F94299E70461B7B8185 ] Eventlog        C:\WINDOWS\system32\services.exe
18:29:54.0579 0x0efc  Eventlog - ok
18:29:54.0594 0x0efc  [ 19A799805B24990867B00C120D300C3A ] EventSystem     C:\WINDOWS\system32\es.dll
18:29:54.0594 0x0efc  EventSystem - ok
18:29:54.0610 0x0efc  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:29:54.0610 0x0efc  Fastfat - ok
18:29:54.0626 0x0efc  [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:29:54.0626 0x0efc  FastUserSwitchingCompatibility - ok
18:29:54.0641 0x0efc  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
18:29:54.0641 0x0efc  Fdc - ok
18:29:54.0657 0x0efc  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:29:54.0657 0x0efc  Fips - ok
18:29:54.0673 0x0efc  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:29:54.0673 0x0efc  Flpydisk - ok
18:29:54.0688 0x0efc  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
18:29:54.0688 0x0efc  FltMgr - ok
18:29:54.0719 0x0efc  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:29:54.0719 0x0efc  FontCache3.0.0.0 - ok
18:29:54.0735 0x0efc  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:29:54.0735 0x0efc  Fs_Rec - ok
18:29:54.0751 0x0efc  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:29:54.0751 0x0efc  Ftdisk - ok
18:29:54.0766 0x0efc  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:29:54.0766 0x0efc  GEARAspiWDM - ok
18:29:54.0798 0x0efc  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:29:54.0798 0x0efc  Gpc - ok
18:29:54.0829 0x0efc  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:29:54.0829 0x0efc  helpsvc - ok
18:29:54.0844 0x0efc  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:29:54.0844 0x0efc  HidServ - ok
18:29:54.0860 0x0efc  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:29:54.0860 0x0efc  hidusb - ok
18:29:54.0876 0x0efc  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:29:54.0891 0x0efc  hkmsvc - ok
18:29:54.0891 0x0efc  hpn - ok
18:29:54.0923 0x0efc  [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:29:54.0923 0x0efc  HTTP - ok
18:29:54.0938 0x0efc  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:29:54.0938 0x0efc  HTTPFilter - ok
18:29:54.0938 0x0efc  i2omgmt - ok
18:29:54.0954 0x0efc  i2omp - ok
18:29:54.0954 0x0efc  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
18:29:54.0954 0x0efc  i8042prt - ok
18:29:55.0001 0x0efc  [ 5A8E05F1D5C36ABD58CFFA111EB325EA ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
18:29:55.0001 0x0efc  ialm - ok
18:29:55.0094 0x0efc  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:29:55.0094 0x0efc  idsvc - ok
18:29:55.0126 0x0efc  [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130813.001\IDSxpx86.sys
18:29:55.0126 0x0efc  IDSxpx86 - ok
18:29:55.0141 0x0efc  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:29:55.0141 0x0efc  Imapi - ok
18:29:55.0173 0x0efc  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:29:55.0173 0x0efc  ImapiService - ok
18:29:55.0173 0x0efc  ini910u - ok
18:29:55.0188 0x0efc  IntelIde - ok
18:29:55.0188 0x0efc  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:29:55.0204 0x0efc  intelppm - ok
18:29:55.0204 0x0efc  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:29:55.0204 0x0efc  Ip6Fw - ok
18:29:55.0219 0x0efc  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:29:55.0219 0x0efc  IpFilterDriver - ok
18:29:55.0235 0x0efc  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:29:55.0235 0x0efc  IpInIp - ok
18:29:55.0266 0x0efc  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:29:55.0266 0x0efc  IpNat - ok
18:29:55.0298 0x0efc  [ FE56897B27ED266F9C4E7D90A0B5DA47 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:29:55.0298 0x0efc  iPod Service - ok
18:29:55.0329 0x0efc  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:29:55.0329 0x0efc  IPSec - ok
18:29:55.0344 0x0efc  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:29:55.0344 0x0efc  IRENUM - ok
18:29:55.0360 0x0efc  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:29:55.0360 0x0efc  isapnp - ok
18:29:55.0391 0x0efc  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
18:29:55.0391 0x0efc  JavaQuickStarterService - ok
18:29:55.0407 0x0efc  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:29:55.0407 0x0efc  Kbdclass - ok
18:29:55.0423 0x0efc  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:29:55.0438 0x0efc  kbdhid - ok
18:29:55.0454 0x0efc  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:29:55.0454 0x0efc  kmixer - ok
18:29:55.0469 0x0efc  [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:29:55.0469 0x0efc  KSecDD - ok
18:29:55.0485 0x0efc  [ F385F4B02C535BFFE1D70CAB80838123 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
18:29:55.0485 0x0efc  LanmanServer - ok
18:29:55.0501 0x0efc  [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:29:55.0501 0x0efc  lanmanworkstation - ok
18:29:55.0516 0x0efc  lbrtfdc - ok
18:29:55.0532 0x0efc  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:29:55.0532 0x0efc  LmHosts - ok
18:29:55.0548 0x0efc  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:29:55.0563 0x0efc  Messenger - ok
18:29:55.0563 0x0efc  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:29:55.0563 0x0efc  mnmdd - ok
18:29:55.0579 0x0efc  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:29:55.0594 0x0efc  mnmsrvc - ok
18:29:55.0610 0x0efc  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:29:55.0610 0x0efc  Modem - ok
18:29:55.0610 0x0efc  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:29:55.0610 0x0efc  Mouclass - ok
18:29:55.0626 0x0efc  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:29:55.0626 0x0efc  mouhid - ok
18:29:55.0641 0x0efc  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:29:55.0641 0x0efc  MountMgr - ok
18:29:55.0657 0x0efc  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:29:55.0657 0x0efc  MozillaMaintenance - ok
18:29:55.0673 0x0efc  mraid35x - ok
18:29:55.0673 0x0efc  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:29:55.0688 0x0efc  MRxDAV - ok
18:29:55.0704 0x0efc  [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:29:55.0704 0x0efc  MRxSmb - ok
18:29:55.0719 0x0efc  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
18:29:55.0719 0x0efc  MSDTC - ok
18:29:55.0735 0x0efc  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:29:55.0735 0x0efc  Msfs - ok
18:29:55.0751 0x0efc  MSIServer - ok
18:29:55.0766 0x0efc  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:29:55.0766 0x0efc  MSKSSRV - ok
18:29:55.0766 0x0efc  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:29:55.0766 0x0efc  MSPCLOCK - ok
18:29:55.0782 0x0efc  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:29:55.0782 0x0efc  MSPQM - ok
18:29:55.0798 0x0efc  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:29:55.0798 0x0efc  mssmbios - ok
18:29:55.0798 0x0efc  [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:29:55.0798 0x0efc  Mup - ok
18:29:55.0829 0x0efc  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:29:55.0829 0x0efc  napagent - ok
18:29:55.0860 0x0efc  [ CE2156DF796D41614AB60E68D107D573 ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130819.017\NAVENG.SYS
18:29:55.0860 0x0efc  NAVENG - ok
18:29:55.0891 0x0efc  [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130819.017\NAVEX15.SYS
18:29:55.0907 0x0efc  NAVEX15 - ok
18:29:55.0923 0x0efc  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:29:55.0923 0x0efc  NDIS - ok
18:29:55.0938 0x0efc  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:29:55.0938 0x0efc  NdisTapi - ok
18:29:55.0954 0x0efc  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:29:55.0954 0x0efc  Ndisuio - ok
18:29:55.0969 0x0efc  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:29:55.0969 0x0efc  NdisWan - ok
18:29:55.0985 0x0efc  [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:29:55.0985 0x0efc  NDProxy - ok
18:29:56.0001 0x0efc  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:29:56.0001 0x0efc  NetBIOS - ok
18:29:56.0016 0x0efc  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:29:56.0016 0x0efc  NetBT - ok
18:29:56.0048 0x0efc  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:29:56.0048 0x0efc  NetDDE - ok
18:29:56.0048 0x0efc  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:29:56.0063 0x0efc  NetDDEdsdm - ok
18:29:56.0063 0x0efc  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:29:56.0079 0x0efc  Netlogon - ok
18:29:56.0079 0x0efc  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
18:29:56.0094 0x0efc  Netman - ok
18:29:56.0110 0x0efc  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:29:56.0126 0x0efc  NetTcpPortSharing - ok
18:29:56.0141 0x0efc  [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS             C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
18:29:56.0141 0x0efc  NIS - ok
18:29:56.0173 0x0efc  [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:29:56.0173 0x0efc  Nla - ok
18:29:56.0188 0x0efc  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:29:56.0188 0x0efc  Npfs - ok
18:29:56.0204 0x0efc  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:29:56.0204 0x0efc  Ntfs - ok
18:29:56.0219 0x0efc  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:29:56.0219 0x0efc  NtLmSsp - ok
18:29:56.0251 0x0efc  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:29:56.0251 0x0efc  NtmsSvc - ok
18:29:56.0266 0x0efc  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:29:56.0266 0x0efc  Null - ok
18:29:56.0298 0x0efc  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:29:56.0298 0x0efc  NwlnkFlt - ok
18:29:56.0313 0x0efc  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:29:56.0313 0x0efc  NwlnkFwd - ok
18:29:56.0329 0x0efc  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
18:29:56.0329 0x0efc  Parport - ok
18:29:56.0329 0x0efc  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:29:56.0344 0x0efc  PartMgr - ok
18:29:56.0360 0x0efc  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:29:56.0360 0x0efc  ParVdm - ok
18:29:56.0376 0x0efc  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:29:56.0376 0x0efc  PCI - ok
18:29:56.0376 0x0efc  PCIDump - ok
18:29:56.0391 0x0efc  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:29:56.0391 0x0efc  PCIIde - ok
18:29:56.0407 0x0efc  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:29:56.0407 0x0efc  Pcmcia - ok
18:29:56.0423 0x0efc  PDCOMP - ok
18:29:56.0423 0x0efc  PDFRAME - ok
18:29:56.0438 0x0efc  PDRELI - ok
18:29:56.0438 0x0efc  PDRFRAME - ok
18:29:56.0438 0x0efc  perc2 - ok
18:29:56.0454 0x0efc  perc2hib - ok
18:29:56.0469 0x0efc  [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay        C:\WINDOWS\system32\services.exe
18:29:56.0485 0x0efc  PlugPlay - ok
18:29:56.0485 0x0efc  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:29:56.0485 0x0efc  PolicyAgent - ok
18:29:56.0501 0x0efc  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:29:56.0501 0x0efc  PptpMiniport - ok
18:29:56.0501 0x0efc  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:29:56.0501 0x0efc  ProtectedStorage - ok
18:29:56.0516 0x0efc  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:29:56.0516 0x0efc  PSched - ok
18:29:56.0532 0x0efc  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:29:56.0532 0x0efc  Ptilink - ok
18:29:56.0532 0x0efc  ql1080 - ok
18:29:56.0548 0x0efc  Ql10wnt - ok
18:29:56.0548 0x0efc  ql12160 - ok
18:29:56.0548 0x0efc  ql1240 - ok
18:29:56.0563 0x0efc  ql1280 - ok
18:29:56.0563 0x0efc  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:29:56.0579 0x0efc  RasAcd - ok
18:29:56.0594 0x0efc  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:29:56.0594 0x0efc  RasAuto - ok
18:29:56.0594 0x0efc  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:29:56.0594 0x0efc  Rasl2tp - ok
18:29:56.0626 0x0efc  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:29:56.0626 0x0efc  RasMan - ok
18:29:56.0641 0x0efc  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:29:56.0641 0x0efc  RasPppoe - ok
18:29:56.0641 0x0efc  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:29:56.0641 0x0efc  Raspti - ok
18:29:56.0657 0x0efc  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:29:56.0657 0x0efc  Rdbss - ok
18:29:56.0673 0x0efc  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:29:56.0673 0x0efc  RDPCDD - ok
18:29:56.0688 0x0efc  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:29:56.0688 0x0efc  rdpdr - ok
18:29:56.0719 0x0efc  [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:29:56.0719 0x0efc  RDPWD - ok
18:29:56.0735 0x0efc  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:29:56.0735 0x0efc  RDSessMgr - ok
18:29:56.0735 0x0efc  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:29:56.0735 0x0efc  redbook - ok
18:29:56.0766 0x0efc  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:29:56.0766 0x0efc  RemoteAccess - ok
18:29:56.0782 0x0efc  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:29:56.0782 0x0efc  RemoteRegistry - ok
18:29:56.0798 0x0efc  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:29:56.0798 0x0efc  RpcLocator - ok
18:29:56.0829 0x0efc  [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:29:56.0829 0x0efc  RpcSs - ok
18:29:56.0860 0x0efc  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:29:56.0860 0x0efc  RSVP - ok
18:29:56.0876 0x0efc  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:29:56.0876 0x0efc  SamSs - ok
18:29:56.0891 0x0efc  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:29:56.0891 0x0efc  SCardSvr - ok
18:29:56.0907 0x0efc  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:29:56.0923 0x0efc  Schedule - ok
18:29:56.0923 0x0efc  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:29:56.0923 0x0efc  Secdrv - ok
18:29:56.0954 0x0efc  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:29:56.0954 0x0efc  seclogon - ok
18:29:56.0985 0x0efc  [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt         C:\WINDOWS\system32\drivers\senfilt.sys
18:29:56.0985 0x0efc  senfilt - ok
18:29:57.0016 0x0efc  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
18:29:57.0016 0x0efc  SENS - ok
18:29:57.0032 0x0efc  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:29:57.0032 0x0efc  serenum - ok
18:29:57.0032 0x0efc  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:29:57.0032 0x0efc  Serial - ok
18:29:57.0063 0x0efc  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:29:57.0063 0x0efc  Sfloppy - ok
18:29:57.0094 0x0efc  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:29:57.0094 0x0efc  SharedAccess - ok
18:29:57.0110 0x0efc  [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:29:57.0110 0x0efc  ShellHWDetection - ok
18:29:57.0126 0x0efc  Simbad - ok
18:29:57.0157 0x0efc  [ C6D9959E493682F872A639B6EC1B4A08 ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys
18:29:57.0157 0x0efc  smwdm - ok
18:29:57.0157 0x0efc  Sparrow - ok
18:29:57.0173 0x0efc  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:29:57.0173 0x0efc  splitter - ok
18:29:57.0188 0x0efc  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:29:57.0188 0x0efc  Spooler - ok
18:29:57.0204 0x0efc  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:29:57.0204 0x0efc  sr - ok
18:29:57.0219 0x0efc  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
18:29:57.0235 0x0efc  srservice - ok
18:29:57.0251 0x0efc  [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP           C:\WINDOWS\system32\drivers\NIS\1404000.028\SRTSP.SYS
18:29:57.0266 0x0efc  SRTSP - ok
18:29:57.0282 0x0efc  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\WINDOWS\system32\drivers\NIS\1404000.028\SRTSPX.SYS
18:29:57.0282 0x0efc  SRTSPX - ok
18:29:57.0298 0x0efc  [ 5252605079810904E31C332E241CD59B ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:29:57.0298 0x0efc  Srv - ok
18:29:57.0313 0x0efc  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:29:57.0313 0x0efc  SSDPSRV - ok
18:29:57.0329 0x0efc  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:29:57.0329 0x0efc  stisvc - ok
18:29:57.0360 0x0efc  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:29:57.0360 0x0efc  swenum - ok
18:29:57.0376 0x0efc  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:29:57.0376 0x0efc  swmidi - ok
18:29:57.0376 0x0efc  SwPrv - ok
18:29:57.0391 0x0efc  symc810 - ok
18:29:57.0391 0x0efc  symc8xx - ok
18:29:57.0407 0x0efc  [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS           C:\WINDOWS\system32\drivers\NIS\1404000.028\SYMDS.SYS
18:29:57.0407 0x0efc  SymDS - ok
18:29:57.0438 0x0efc  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\WINDOWS\system32\drivers\NIS\1404000.028\SYMEFA.SYS
18:29:57.0438 0x0efc  SymEFA - ok
18:29:57.0454 0x0efc  [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
18:29:57.0454 0x0efc  SymEvent - ok
18:29:57.0469 0x0efc  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\WINDOWS\system32\drivers\NIS\1404000.028\Ironx86.SYS
18:29:57.0469 0x0efc  SymIRON - ok
18:29:57.0485 0x0efc  [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI          C:\WINDOWS\system32\drivers\NIS\1404000.028\SYMTDI.SYS
18:29:57.0501 0x0efc  SYMTDI - ok
18:29:57.0501 0x0efc  sym_hi - ok
18:29:57.0501 0x0efc  sym_u3 - ok
18:29:57.0532 0x0efc  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:29:57.0532 0x0efc  sysaudio - ok
18:29:57.0563 0x0efc  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:29:57.0563 0x0efc  SysmonLog - ok
18:29:57.0594 0x0efc  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:29:57.0594 0x0efc  TapiSrv - ok
18:29:57.0610 0x0efc  [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:29:57.0610 0x0efc  Tcpip - ok
18:29:57.0641 0x0efc  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:29:57.0641 0x0efc  TDPIPE - ok
18:29:57.0641 0x0efc  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:29:57.0641 0x0efc  TDTCP - ok
18:29:57.0657 0x0efc  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:29:57.0657 0x0efc  TermDD - ok
18:29:57.0673 0x0efc  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
18:29:57.0673 0x0efc  TermService - ok
18:29:57.0688 0x0efc  [ 1926899BF9FFE2602B63074971700412 ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:29:57.0688 0x0efc  Themes - ok
18:29:57.0719 0x0efc  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
18:29:57.0719 0x0efc  TlntSvr - ok
18:29:57.0719 0x0efc  TosIde - ok
18:29:57.0735 0x0efc  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:29:57.0735 0x0efc  TrkWks - ok
18:29:57.0766 0x0efc  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:29:57.0766 0x0efc  Udfs - ok
18:29:57.0766 0x0efc  ultra - ok
18:29:57.0782 0x0efc  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:29:57.0782 0x0efc  Update - ok
18:29:57.0813 0x0efc  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:29:58.0751 0x0bf8  Detected object count: 0
18:29:58.0751 0x0bf8  Actual detected object count: 0
18:33:07.0049 0x0380  Deinitialize success
 



#5 goclagoc

Posted 20 August 2013 - 12:15 AM

here's the report from AdwCleaner

# AdwCleaner v2.306 - Logfile created 08/19/2013 at 18:33:25
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : user - 3NDGW71
# Boot Mode : Normal
# Running from : C:\Documents and Settings\user\My Documents\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search

***** [Registry] *****

Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v23.0.1 (en-US)

File : C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\1azazu05.default\prefs.js

C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\1azazu05.default\user.js ... Deleted !

Deleted : user_pref("yahoo.ytff.toolbar.orignaldefaultenginename", "AVG Secure Search");
Deleted : user_pref("yahoo.ytff.toolbar.orignalselectedEngine", "AVG Secure Search");

*************************

AdwCleaner[S1].txt - [4927 octets] - [19/08/2013 18:33:25]

########## EOF - C:\AdwCleaner[S1].txt - [4987 octets] ##########
 



#6 goclagoc

Posted 20 August 2013 - 12:50 AM

esets found nothing



#7 boopme

Posted 22 August 2013 - 10:40 AM

Sorry, I almost lost this topic.

What was telling you that you had an FLV virus and is it still?

In Control Panel, Uninstall... Java 7 Update 17 (Version: 7.0.170)

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#8 goclagoc

Posted 22 August 2013 - 10:24 PM

every time i open a new page, i get another page telling me i have to download FLV player... PU blocker has no effect

i'm reading this at work now and will have to try it when i get home.

thanks



#9 boopme

Posted 22 August 2013 - 10:29 PM

Hmm, let's get a deeper look and see where this is hidden.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.

#10 goclagoc

Posted 23 August 2013 - 09:49 AM

i ran the old timer's program and the thing is still there. i did a screen capture of what i get when i change pages. it's not always the same thing, but it's always some video player.

 

flv_zpscff3bf2c.jpg


Edited by goclagoc, 23 August 2013 - 09:51 AM.


#11 boopme

Posted 23 August 2013 - 12:45 PM

Yep, start the new topic, named cant remove FLV.
Run the DDS log in the GUIDE above.
Include this link back here

http://www.bleepingcomputer.com/forums/t/504889/flv-virus/#entry3134408