
I am trying to help 75 y.o. neighbor w/laptop has Conduit re-direct


12 replies to this topic

#1 zapfast

zapfast

  • Members

Posted 06 September 2013 - 08:16 AM

Hi,
Laptop Info: Toshiba C655 3MB RAM Vista OS.
 
Windows Vista Home Premium
Service Pack 2
AMD E-240 Proc. 1.5 Ghz
3 Gig RAM
32 bit OS
 
the story: about 5 years ago I spent quite a bit of time helping my neighbor with his computer. I got him off the AOL browser ( or so I thought) by making him a webpage with his precious exported AOL bookmarks. I also convinced him to stop paying for AOL since he had Cable internet and does not need to pay for AOL mail ( which he will not leave because it has been his biz. email for years ) -that's the History.
Today he brought me his laptop, because it is running slow. First thing I do is get task manager up --it's running 100% CPU --then the task manager tabs disappear - which I know means virus/malware is likely.
I noticed a remote access software (VZAccess) that he said is part of a $200 tech support package that he bought -- he said that they told him he needs a new cable modem --FALSE --since his daughter's laptop works just fine on the connection. He then tells me he has used the AOL browser despite all my warnings -- I drop some well deserved WTF's on him and he leaves laptop with me.
So Checking it out I see he has PC mightyMax 2012 and My Faster PC installed- both of them are apparently malware, probably installed by clicking a bleepty AOL advertisement. ( I will put WOT and adBlock on this before I am done) I have yet to find out from him if these programs are associated with the $200 he shelled out. Also Norton Start up utility shows me that he also has the Conduit re-direct Virus.
So, In addition he has Norton's Antivirus ( currently running a scan so I can't ID the version) In my experience Norton's has always been a worthless Kluge Fest computer Molassifier POS software. The wiki page for it says the latest builds over the past few years have become much more agile and lightweight.
 
What I have done so far:
Thursday
 
1- Noticed that ( at least) two malware programs have been installed by the user:

    "PC MightyMax 2012" and "My faster PC"
 
2 - run Norton scan -- several hours --unable to finish. Unable to view log

2.5 -    Nortons startup manager shows conduit redirect infection
 
 
Friday
3 - run rkill in safe mode [8 AM] (DL from bleeping computer --moved to laptop via jumpdrive)
      rkill found no malware issues under the first several categories
      rkill found Event System not running --set to run
            found Security Center not running--set to run
            found Windows update not running -- set to run   
   

4 - uninstalled Conduit through control panel.
5 - Noticed Productivity 3.1 B2 toolbar (installed 9/3/2013)-- more Conduit Malware!
    http://forum.kaspersky.com/lofiversion/index.php/t228835.html
6 - Uninstall Productivity 3.1 B2 toolbar through control panel
     -- displays IE window
7- Backup Tbud user folder and old pictures from desktop to my brand new unused external drive.[now drive is suspect for infection]
8 -run PC mighty max uninstaller ( spawns firefox)
9-  attempt to update Nortons - No Go-- run Nortons full scan in safe mode [start 8:40]
 
     Nortons currently running with 3 security issues detected and resolved
 
I plan on purchasing and installing Malware bytes for my neighbor.
 
Any Help resolving this would be appreciated

 

~~~~~~~~~~~~

Update --The Nortons finished the scan and told me that it cleaned 3 cookies ( low threat)

Then since posting I have run the DDS tool as per the instructions found here: http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

I have the two text logs that generated

 

I also downloaded the bleeping computer DL of malware bytes and ran that and it found no malicious items. BUT I did not connect to the network to update it so the def.s are 50 days old or so. I don't want to log on where I am now because I am at work -- working on this on the side during breaks ... to log on I would need to enter the same credentials that allow me to change my direct deposit and other things that I don't want to risk compromising.  I'll be home later and can log on to my home wireless network and update the malware bytes.

 

I also have combo fix on the laptop ready to try if advised to do so.

 

Thanks to all who have looked and to the kind person who moved this post to the appropriate spot.

 

 
 


Edited by zapfast, 06 September 2013 - 12:28 PM.
moved from Vista to the appropriate forum



 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator

Posted 06 September 2013 - 11:02 AM

Please uninstall the 2 apps in your Item 1.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • Last run ESET.
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the esetonlinebtn.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
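
A triage pass over the Result.txt that the MiniToolBox step above produces, as an added example that is not part of the original post and is not MiniToolBox's own code. It assumes the section headers and line layout of the log posted later in this thread; the sample log, its address, the `ExampleLSP` entry and the "toolbar" name heuristic are constructed for illustration, and every finding is an item to review rather than a verdict.

```python
import re

# Constructed sample using the section layout of the Result.txt in this thread.
SAMPLE = r"""
========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost
203.0.113.7     search.example.test

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Program Files\ExampleLSP\lsp.dll [40960] (Example Vendor)

=========================== Installed Programs ============================

Adobe Reader X (10.1.7) (Version: 10.1.7)
DictionaryBoss Toolbar
Google Chrome (Version: 29.0.1547.62)

**** End of log ****
"""

# "===== Name: =====" or "===== Name =====". [^=] keeps the plain "=====" rulers
# inside the route tables from being mistaken for section headers.
HEADER_RE = re.compile(r"^=+\s*([^=]+?):?\s*=+\s*$")
WINSOCK_RE = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)$")


def split_sections(text):
    """Map lower-cased section name -> list of non-empty, stripped lines."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("****"):          # "**** End of log ****"
            break
        m = HEADER_RE.match(line)
        if m:
            current = m.group(1).strip().lower()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def hosts_findings(lines):
    """Hosts entries that map any name other than localhost."""
    out = []
    for line in lines:
        fields = line.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) >= 2:
            names = [n for n in fields[1:] if n.lower() != "localhost"]
            if names:
                out.append((fields[0], names))
    return out


def winsock_findings(lines):
    """Winsock providers outside system32 or not published by Microsoft.

    Assumption: Windows is installed in C:\\Windows. Third-party providers can
    be legitimate, so these are review items only.
    """
    out = []
    for line in lines:
        m = WINSOCK_RE.match(line)
        if not m:
            continue
        catalog, index, path, _size, publisher = m.groups()
        in_system32 = path.lower().startswith("c:\\windows\\system32\\")
        if not in_system32 or publisher != "Microsoft Corporation":
            out.append((catalog, index, path, publisher))
    return out


def toolbar_findings(lines):
    """Installed programs whose name contains 'toolbar' (name heuristic only)."""
    names = [re.sub(r"\s*\(Version:.*\)$", "", line) for line in lines]
    return [n for n in names if "toolbar" in n.lower()]


def triage(text):
    s = split_sections(text)
    return {
        "hosts": hosts_findings(s.get("hosts content", [])),
        "winsock": winsock_findings(s.get("winsock entries", [])),
        "toolbars": toolbar_findings(s.get("installed programs", [])),
    }


if __name__ == "__main__":
    for area, items in triage(SAMPLE).items():
        print(area, items)
```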

#3 zapfast

zapfast
  • Topic Starter

  • Members

Posted 06 September 2013 - 12:37 PM

Thanks Boopme for the detailed course of action to proceed with.

I have downloaded the tools to my jump drive and will transfer them to the laptop and run them as you describe.

 

I will be proceeding in Safe Mode at this point. Is that correct?

 

Again thanks for the detailed instructions -- I will post again in several hours once I complete them.



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator

Posted 06 September 2013 - 12:50 PM

You're welcome, that will be fine.

#5 zapfast

zapfast
  • Topic Starter

  • Members

Posted 06 September 2013 - 01:29 PM

OK --I have run Minitoolbox, TDSSkiller, Junkware removal tool and AdwareCleaner and I will post the texts below:

 

I can not run the online scan now as I do not have internet access here at work because I am hesitant to log on with my credentials to the institute's wireless network as they are the same to get into all my payroll and direct deposit stuff.

So I will need to wait until after 4 PM or so ( South Jersey Time) when I will be home and able to log onto my home wireless.

 

here are the logs: I will replace Tom's last name with Thumb for privacy on these logs:

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Tom Thumb (administrator) on 06-09-2013 at 13:40:58
Running from "F:\tBud"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : TomThumb-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 1C-65-9D-EB-73-44
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{AE0AB850-629A-4979-B66B-18B969A69695}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12 ...1c 65 9d eb 73 44 ...... Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
  1 ........................... Software Loopback Interface 1
 14 ...00 00 00 00 00 00 00 e0  isatap.{AE0AB850-629A-4979-B66B-18B969A69695}
 11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/06/2013 07:59:44 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/05/2013 05:02:08 PM) (Source: Application Error) (User: )
Description: Faulting application VZAccess Manager.exe, version 7.3.12.1, time stamp 0x4cc1e753, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000005, fault offset 0x0003952f,
process id 0xac0, application start time 0xVZAccess Manager.exe0.

Error: (09/05/2013 04:50:48 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (09/05/2013 04:50:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (09/05/2013 04:50:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (09/05/2013 04:50:29 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (09/05/2013 04:50:29 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (09/05/2013 04:50:21 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\6> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (09/05/2013 04:50:21 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\6> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (09/05/2013 04:50:14 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\5> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (09/06/2013 08:20:52 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/06/2013 08:15:51 AM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/06/2013 08:09:44 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.157.1127.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.2.0223.00

    Source Path: 4.2.0223.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (09/06/2013 08:09:43 AM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (09/06/2013 07:59:56 AM) (Source: Service Control Manager) (User: )
Description: BHDrvx86
ccSet_N360
eeCtrl
IDSVix86
MpFilter
spldr
SRTSPX
SymIRON
SYMTDIv
Wanarpv6

Error: (09/06/2013 07:59:56 AM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (09/06/2013 07:59:45 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (09/06/2013 07:59:44 AM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/06/2013 07:59:36 AM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/06/2013 07:59:21 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:56:46 AM on 9/6/2013 was unexpected.


Microsoft Office Sessions:
=========================
Error: (09/06/2013 07:59:44 AM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/05/2013 05:02:08 PM) (Source: Application Error)(User: )
Description: VZAccess Manager.exe7.3.12.14cc1e753ntdll.dll6.0.6002.1888151da3e27c00000050003952fac001ceaa7b188ab930

Error: (09/05/2013 04:50:48 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\9

Error: (09/05/2013 04:50:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\8

Error: (09/05/2013 04:50:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\8

Error: (09/05/2013 04:50:29 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\7

Error: (09/05/2013 04:50:29 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\7

Error: (09/05/2013 04:50:21 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\6

Error: (09/05/2013 04:50:21 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\6

Error: (09/05/2013 04:50:14 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\TOM Thumb\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\W17B0E3T.DEFAULT\CACHE\5


CodeIntegrity Errors:
===================================
  Date: 2013-09-06 11:20:00.893
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-06 11:20:00.549
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-06 11:20:00.222
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-06 11:19:59.879
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-06 11:19:59.551
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-06 11:19:59.208
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-06 11:19:57.086
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-06 11:19:56.759
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-06 11:19:56.415
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-06 11:19:56.088
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Canon Easy-PhotoPrint EX
Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
Canon Easy-WebPrint EX
Canon MG8100 series MP Drivers
Canon MG8100 series User Registration
Canon MP Navigator EX 4.0
Canon My Printer
Canon Solution Menu EX
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
DictionaryBoss Toolbar
Elevated Installer (Version: 2.1.13)
FromDocToPDF Firefox Toolbar
Garmin Communicator Plugin (Version: 4.0.4)
Garmin Express (Version: 2.1.13)
Garmin Express Tray (Version: 2.1.13)
Garmin Update Service (Version: 2.1.13)
Garmin USB Drivers (Version: 2.3.1.0)
Google Chrome (Version: 29.0.1547.62)
Google Update Helper (Version: 1.3.21.153)
Installl Converter A Toolbar (Version: 6.15.0.27)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
NETGEAR WNA3100 wireless USB 2.0 adapter (Version: 1.01.206)
Norton Security Suite (Version: 20.4.0.40)
TOSHIBA Supervisor Password (Version: 2.00.03PLV)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
VZAccess Manager (Version: 7.3.12.1)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
ZTE USB Drivers (Version: 1.0.010)

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 2662.13 MB
Available physical RAM: 1821.47 MB
Total Pagefile: 5568.85 MB
Available Pagefile: 4910.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 1959.23 MB

========================= Partitions: =====================================

1 Drive c: (TI106046W0D) (Fixed) (Total:286.11 GB) (Free:220.02 GB) NTFS
4 Drive f: (Cruzer) (Removable) (Total:14.92 GB) (Free:1.83 GB) FAT32
5 Drive g: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\TOMThumb-PC

Administrator            Guest                    Tom Thumb              


**** End of log ****
 
13:42:30.0707 0x0694  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
13:42:30.0738 0x0694  ============================================================
13:42:30.0738 0x0694  Current date / time: 2013/09/06 13:42:30.0738
13:42:30.0738 0x0694  SystemInfo:
13:42:30.0738 0x0694  
13:42:30.0738 0x0694  OS Version: 6.0.6002 ServicePack: 2.0
13:42:30.0738 0x0694  Product type: Workstation
13:42:30.0738 0x0694  ComputerName: TOMThumb-PC
13:42:30.0738 0x0694  UserName: Tom Thumb
13:42:30.0738 0x0694  Windows directory: C:\Windows
13:42:30.0738 0x0694  System windows directory: C:\Windows
13:42:30.0738 0x0694  Processor architecture: Intel x86
13:42:30.0738 0x0694  Number of processors: 1
13:42:30.0738 0x0694  Page size: 0x1000
13:42:30.0738 0x0694  Boot type: Safe boot with network
13:42:30.0738 0x0694  ============================================================
13:42:32.0220 0x0694  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:42:32.0235 0x0694  Drive \Device\Harddisk2\DR10 - Size: 0x3BB3FFE00 (14.93 Gb), SectorSize: 0x200, Cylinders: 0x79C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:42:32.0235 0x0694  ============================================================
13:42:32.0235 0x0694  \Device\Harddisk0\DR0:
13:42:32.0235 0x0694  MBR partitions:
13:42:32.0235 0x0694  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23C37000
13:42:32.0235 0x0694  \Device\Harddisk2\DR10:
13:42:32.0251 0x0694  MBR partitions:
13:42:32.0251 0x0694  \Device\Harddisk2\DR10\Partition1: MBR, Type 0xC, StartLBA 0x34, BlocksNum 0x1DD5A92
13:42:32.0251 0x0694  ============================================================
13:42:32.0282 0x0694  C: <-> \Device\Harddisk0\DR0\Partition1
13:42:32.0282 0x0694  ============================================================
13:42:32.0282 0x0694  Initialize success
13:42:32.0282 0x0694  ============================================================
13:43:37.0131 0x0720  ============================================================
13:43:37.0131 0x0720  Scan started
13:43:37.0131 0x0720  Mode: Manual;
13:43:37.0131 0x0720  ============================================================
13:43:37.0443 0x0720  ================ Scan system memory ========================
13:43:37.0443 0x0720  System memory - ok
13:43:37.0443 0x0720  ================ Scan services =============================
13:43:37.0740 0x0720  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
13:43:37.0740 0x0720  ACPI - ok
13:43:37.0927 0x0720  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:43:37.0927 0x0720  AdobeARMservice - ok
13:43:38.0067 0x0720  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:43:38.0067 0x0720  AdobeFlashPlayerUpdateSvc - ok
13:43:38.0145 0x0720  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:43:38.0161 0x0720  adp94xx - ok
13:43:38.0208 0x0720  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:43:38.0223 0x0720  adpahci - ok
13:43:38.0270 0x0720  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
13:43:38.0270 0x0720  adpu160m - ok
13:43:38.0333 0x0720  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:43:38.0333 0x0720  adpu320 - ok
13:43:38.0411 0x0720  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:43:38.0411 0x0720  AeLookupSvc - ok
13:43:38.0504 0x0720  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
13:43:38.0520 0x0720  AFD - ok
13:43:38.0582 0x0720  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:43:38.0582 0x0720  agp440 - ok
13:43:38.0645 0x0720  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
13:43:38.0660 0x0720  aic78xx - ok
13:43:38.0707 0x0720  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
13:43:38.0707 0x0720  ALG - ok
13:43:38.0754 0x0720  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:43:38.0754 0x0720  aliide - ok
13:43:38.0879 0x0720  [ EBCCBCBF1DF132E4775E5D6E6DEA3ED0 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:43:38.0879 0x0720  AMD External Events Utility - ok
13:43:38.0941 0x0720  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
13:43:38.0941 0x0720  amdagp - ok
13:43:38.0972 0x0720  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
13:43:38.0972 0x0720  amdide - ok
13:43:39.0035 0x0720  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
13:43:39.0035 0x0720  AmdK7 - ok
13:43:39.0081 0x0720  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:43:39.0081 0x0720  AmdK8 - ok
13:43:39.0347 0x0720  [ F89643A2CA001B1162061E306F8BF267 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:43:39.0440 0x0720  amdkmdag - ok
13:43:39.0518 0x0720  [ FB68E1B9CEC598F0F69503F3AEBB45DD ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:43:39.0518 0x0720  amdkmdap - ok
13:43:39.0565 0x0720  AntiLog32 - ok
13:43:39.0643 0x0720  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
13:43:39.0643 0x0720  Appinfo - ok
13:43:39.0768 0x0720  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:43:39.0768 0x0720  Apple Mobile Device - ok
13:43:39.0846 0x0720  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
13:43:39.0846 0x0720  arc - ok
13:43:39.0893 0x0720  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:43:39.0893 0x0720  arcsas - ok
13:43:40.0017 0x0720  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:43:40.0017 0x0720  AsyncMac - ok
13:43:40.0080 0x0720  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:43:40.0080 0x0720  atapi - ok
13:43:40.0173 0x0720  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:43:40.0173 0x0720  AudioEndpointBuilder - ok
13:43:40.0220 0x0720  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:43:40.0220 0x0720  Audiosrv - ok
13:43:40.0345 0x0720  [ 601259276B934F0C938BFF4F558C5691 ] BCMH43XX        C:\Windows\system32\DRIVERS\bcmwlhigh6.sys
13:43:40.0345 0x0720  BCMH43XX - ok
13:43:40.0439 0x0720  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:43:40.0439 0x0720  Beep - ok
13:43:40.0517 0x0720  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
13:43:40.0532 0x0720  BFE - ok
13:43:40.0735 0x0720  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx86.sys
13:43:40.0735 0x0720  BHDrvx86 - ok
13:43:40.0844 0x0720  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
13:43:40.0860 0x0720  BITS - ok
13:43:40.0875 0x0720  blbdrive - ok
13:43:40.0938 0x0720  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:43:40.0953 0x0720  bowser - ok
13:43:41.0016 0x0720  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
13:43:41.0016 0x0720  BrFiltLo - ok
13:43:41.0063 0x0720  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
13:43:41.0063 0x0720  BrFiltUp - ok
13:43:41.0156 0x0720  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
13:43:41.0156 0x0720  Browser - ok
13:43:41.0219 0x0720  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
13:43:41.0219 0x0720  Brserid - ok
13:43:41.0250 0x0720  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
13:43:41.0250 0x0720  BrSerWdm - ok
13:43:41.0312 0x0720  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
13:43:41.0312 0x0720  BrUsbMdm - ok
13:43:41.0359 0x0720  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
13:43:41.0359 0x0720  BrUsbSer - ok
13:43:41.0421 0x0720  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:43:41.0421 0x0720  BTHMODEM - ok
13:43:41.0499 0x0720  [ 3BEE52611F22C9C0023A98A4425E084F ] ccSet_N360      C:\Windows\system32\drivers\N360\1404000.028\ccSetx86.sys
13:43:41.0499 0x0720  ccSet_N360 - ok
13:43:41.0593 0x0720  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:43:41.0593 0x0720  cdfs - ok
13:43:41.0671 0x0720  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:43:41.0671 0x0720  cdrom - ok
13:43:41.0749 0x0720  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:43:41.0749 0x0720  CertPropSvc - ok
13:43:41.0843 0x0720  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:43:41.0843 0x0720  circlass - ok
13:43:41.0874 0x0720  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
13:43:41.0874 0x0720  CLFS - ok
13:43:41.0983 0x0720  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:43:41.0983 0x0720  clr_optimization_v2.0.50727_32 - ok
13:43:42.0108 0x0720  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:43:42.0108 0x0720  clr_optimization_v4.0.30319_32 - ok
13:43:42.0217 0x0720  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:43:42.0217 0x0720  CmBatt - ok
13:43:42.0279 0x0720  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:43:42.0279 0x0720  cmdide - ok
13:43:42.0295 0x0720  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:43:42.0295 0x0720  Compbatt - ok
13:43:42.0311 0x0720  COMSysApp - ok
13:43:42.0357 0x0720  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:43:42.0357 0x0720  crcdisk - ok
13:43:42.0404 0x0720  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
13:43:42.0404 0x0720  Crusoe - ok
13:43:42.0467 0x0720  [ 684C130BBC6DB681BAD4920A4C944AA5 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:43:42.0467 0x0720  CryptSvc - ok
13:43:42.0560 0x0720  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:43:42.0560 0x0720  DcomLaunch - ok
13:43:42.0654 0x0720  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:43:42.0654 0x0720  DfsC - ok
13:43:42.0794 0x0720  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
13:43:42.0810 0x0720  DFSR - ok
13:43:42.0903 0x0720  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
13:43:42.0903 0x0720  Dhcp - ok
13:43:42.0997 0x0720  [ 622FCF264119F7DF127BE353F796B319 ] DictionaryBossService C:\PROGRA~1\DICTIO~2\bar\1.bin\v4barsvc.exe
13:43:42.0997 0x0720  DictionaryBossService - ok
13:43:43.0091 0x0720  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
13:43:43.0091 0x0720  disk - ok
13:43:43.0137 0x0720  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:43:43.0153 0x0720  Dnscache - ok
13:43:43.0231 0x0720  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:43:43.0231 0x0720  dot3svc - ok
13:43:43.0340 0x0720  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
13:43:43.0340 0x0720  DPS - ok
13:43:43.0418 0x0720  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:43:43.0418 0x0720  drmkaud - ok
13:43:43.0543 0x0720  [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:43:43.0559 0x0720  DXGKrnl - ok
13:43:43.0621 0x0720  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
13:43:43.0637 0x0720  E1G60 - ok
13:43:43.0699 0x0720  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
13:43:43.0699 0x0720  EapHost - ok
13:43:43.0824 0x0720  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
13:43:43.0824 0x0720  Ecache - ok
13:43:43.0917 0x0720  [ E1E3804F7C59EA3E14637C2A763F65E2 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
13:43:43.0917 0x0720  eeCtrl - ok
13:43:44.0042 0x0720  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:43:44.0042 0x0720  ehRecvr - ok
13:43:44.0105 0x0720  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
13:43:44.0120 0x0720  ehSched - ok
13:43:44.0167 0x0720  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
13:43:44.0167 0x0720  ehstart - ok
13:43:44.0261 0x0720  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:43:44.0276 0x0720  elxstor - ok
13:43:44.0339 0x0720  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
13:43:44.0370 0x0720  EMDMgmt - ok
13:43:44.0432 0x0720  [ 6D84DFC3B5C5052881BF50470D0C03D1 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:43:44.0432 0x0720  EraserUtilRebootDrv - ok
13:43:44.0541 0x0720  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
13:43:44.0541 0x0720  EventSystem - ok
13:43:44.0651 0x0720  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
13:43:44.0651 0x0720  exfat - ok
13:43:44.0713 0x0720  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:43:44.0713 0x0720  fastfat - ok
13:43:44.0775 0x0720  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:43:44.0775 0x0720  fdc - ok
13:43:44.0869 0x0720  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:43:44.0869 0x0720  fdPHost - ok
13:43:44.0916 0x0720  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:43:44.0916 0x0720  FDResPub - ok
13:43:44.0963 0x0720  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:43:44.0994 0x0720  FileInfo - ok
13:43:45.0072 0x0720  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:43:45.0072 0x0720  Filetrace - ok
13:43:45.0150 0x0720  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:43:45.0150 0x0720  flpydisk - ok
13:43:45.0259 0x0720  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:43:45.0259 0x0720  FltMgr - ok
13:43:45.0353 0x0720  [ 119ACA7CADCA75BEA6B38E999443BAA6 ] FontCache       C:\Windows\system32\FntCache.dll
13:43:45.0368 0x0720  FontCache - ok
13:43:45.0462 0x0720  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:43:45.0462 0x0720  FontCache3.0.0.0 - ok
13:43:45.0540 0x0720  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:43:45.0540 0x0720  Fs_Rec - ok
13:43:45.0633 0x0720  [ CBC22823628544735625B280665E434E ] FwLnk           C:\Windows\system32\DRIVERS\FwLnk.sys
13:43:45.0633 0x0720  FwLnk - ok
13:43:45.0711 0x0720  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:43:45.0711 0x0720  gagp30kx - ok
13:43:45.0821 0x0720  [ 2973B4EB7BE10A0D491B2037DCAAE88F ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
13:43:45.0821 0x0720  Garmin Core Update Service - ok
13:43:45.0930 0x0720  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:43:45.0945 0x0720  gpsvc - ok
13:43:46.0070 0x0720  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
13:43:46.0070 0x0720  gupdate - ok
13:43:46.0101 0x0720  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
13:43:46.0101 0x0720  gupdatem - ok
13:43:46.0179 0x0720  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:43:46.0195 0x0720  HdAudAddService - ok
13:43:46.0226 0x0720  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:43:46.0242 0x0720  HDAudBus - ok
13:43:46.0289 0x0720  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:43:46.0289 0x0720  HidBth - ok
13:43:46.0351 0x0720  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:43:46.0351 0x0720  HidIr - ok
13:43:46.0429 0x0720  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
13:43:46.0429 0x0720  hidserv - ok
13:43:46.0491 0x0720  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:43:46.0491 0x0720  HidUsb - ok
13:43:46.0554 0x0720  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:43:46.0554 0x0720  hkmsvc - ok
13:43:46.0616 0x0720  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
13:43:46.0616 0x0720  HpCISSs - ok
13:43:46.0710 0x0720  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:43:46.0710 0x0720  HTTP - ok
13:43:46.0772 0x0720  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
13:43:46.0772 0x0720  i2omp - ok
13:43:46.0881 0x0720  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:43:46.0881 0x0720  i8042prt - ok
13:43:46.0944 0x0720  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
13:43:46.0944 0x0720  iaStorV - ok
13:43:47.0037 0x0720  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:43:47.0053 0x0720  idsvc - ok
13:43:47.0193 0x0720  [ 715941AC16A273F986733BA9A2536368 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130903.001\IDSvix86.sys
13:43:47.0193 0x0720  IDSVix86 - ok
13:43:47.0256 0x0720  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:43:47.0256 0x0720  iirsp - ok
13:43:47.0318 0x0720  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
13:43:47.0334 0x0720  IKEEXT - ok
13:43:47.0381 0x0720  [ 97469037714070E45194ED318D636401 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:43:47.0381 0x0720  intelide - ok
13:43:47.0412 0x0720  [ CE44CC04262F28216DD4341E9E36A16F ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:43:47.0412 0x0720  intelppm - ok
13:43:47.0505 0x0720  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:43:47.0505 0x0720  IPBusEnum - ok
13:43:47.0568 0x0720  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:43:47.0568 0x0720  IpFilterDriver - ok
13:43:47.0646 0x0720  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:43:47.0646 0x0720  iphlpsvc - ok
13:43:47.0661 0x0720  IpInIp - ok
13:43:47.0739 0x0720  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
13:43:47.0739 0x0720  IPMIDRV - ok
13:43:47.0817 0x0720  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
13:43:47.0817 0x0720  IPNAT - ok
13:43:47.0864 0x0720  [ E50A95179211B12946F7E035D60AF560 ] irda            C:\Windows\system32\DRIVERS\irda.sys
13:43:47.0880 0x0720  irda - ok
13:43:47.0958 0x0720  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:43:47.0958 0x0720  IRENUM - ok
13:43:48.0067 0x0720  [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon           C:\Windows\System32\irmon.dll
13:43:48.0067 0x0720  Irmon - ok
13:43:48.0161 0x0720  [ 5896B5FF6332AB2BE1582523E9656A67 ] irsir           C:\Windows\system32\DRIVERS\irsir.sys
13:43:48.0161 0x0720  irsir - ok
13:43:48.0223 0x0720  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:43:48.0223 0x0720  isapnp - ok
13:43:48.0285 0x0720  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:43:48.0285 0x0720  iScsiPrt - ok
13:43:48.0348 0x0720  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
13:43:48.0348 0x0720  iteatapi - ok
13:43:48.0410 0x0720  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
13:43:48.0410 0x0720  iteraid - ok
13:43:48.0504 0x0720  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:43:48.0504 0x0720  kbdclass - ok
13:43:48.0535 0x0720  [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
13:43:48.0566 0x0720  kbdhid - ok
13:43:48.0582 0x0720  keycrypt - ok
13:43:48.0644 0x0720  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
13:43:48.0644 0x0720  KeyIso - ok
13:43:48.0722 0x0720  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:43:48.0722 0x0720  KSecDD - ok
13:43:48.0847 0x0720  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:43:48.0847 0x0720  KtmRm - ok
13:43:48.0941 0x0720  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:43:48.0941 0x0720  LanmanServer - ok
13:43:49.0034 0x0720  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:43:49.0034 0x0720  LanmanWorkstation - ok
13:43:49.0128 0x0720  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:43:49.0128 0x0720  lltdio - ok
13:43:49.0190 0x0720  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:43:49.0190 0x0720  lltdsvc - ok
13:43:49.0221 0x0720  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:43:49.0221 0x0720  lmhosts - ok
13:43:49.0315 0x0720  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:43:49.0315 0x0720  LSI_FC - ok
13:43:49.0331 0x0720  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:43:49.0331 0x0720  LSI_SAS - ok
13:43:49.0409 0x0720  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:43:49.0409 0x0720  LSI_SCSI - ok
13:43:49.0471 0x0720  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
13:43:49.0471 0x0720  luafv - ok
13:43:49.0580 0x0720  [ 082EA07B461D1D184A82FDCB8B38A753 ] massfilter      C:\Windows\system32\drivers\massfilter.sys
13:43:49.0580 0x0720  massfilter - ok
13:43:49.0658 0x0720  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:43:49.0658 0x0720  MBAMProtector - ok
13:43:49.0752 0x0720  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:43:49.0752 0x0720  MBAMScheduler - ok
13:43:49.0814 0x0720  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:43:49.0830 0x0720  MBAMService - ok
13:43:49.0892 0x0720  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:43:49.0892 0x0720  Mcx2Svc - ok
13:43:50.0017 0x0720  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
13:43:50.0033 0x0720  MDM - ok
13:43:50.0095 0x0720  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
13:43:50.0095 0x0720  megasas - ok
13:43:50.0157 0x0720  [ 6708AD7D9ABDD6FDE1EB9B54FFE426B0 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
13:43:50.0157 0x0720  mfeapfk - ok
13:43:50.0220 0x0720  [ 875452ECDF4AEBE12B8C2EFD8599A36F ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
13:43:50.0251 0x0720  mfehidk - ok
13:43:50.0329 0x0720  [ D66A1A16166897A5F7D04961F582F03B ] mfevtp          C:\Windows\system32\mfevtps.exe
13:43:50.0345 0x0720  mfevtp - ok
13:43:50.0391 0x0720  [ 28A9A52052006AC4B5EF1992C2984252 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
13:43:50.0391 0x0720  mfewfpk - ok
13:43:50.0454 0x0720  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
13:43:50.0454 0x0720  MMCSS - ok
13:43:50.0501 0x0720  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
13:43:50.0501 0x0720  Modem - ok
13:43:50.0579 0x0720  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:43:50.0579 0x0720  monitor - ok
13:43:50.0641 0x0720  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:43:50.0641 0x0720  mouclass - ok
13:43:50.0703 0x0720  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:43:50.0703 0x0720  mouhid - ok
13:43:50.0750 0x0720  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
13:43:50.0750 0x0720  MountMgr - ok
13:43:50.0828 0x0720  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:43:50.0828 0x0720  MozillaMaintenance - ok
13:43:50.0906 0x0720  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
13:43:50.0906 0x0720  MpFilter - ok
13:43:50.0969 0x0720  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:43:50.0969 0x0720  mpio - ok
13:43:51.0062 0x0720  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:43:51.0062 0x0720  mpsdrv - ok
13:43:51.0140 0x0720  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:43:51.0156 0x0720  MpsSvc - ok
13:43:51.0203 0x0720  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
13:43:51.0203 0x0720  Mraid35x - ok
13:43:51.0265 0x0720  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:43:51.0265 0x0720  MRxDAV - ok
13:43:51.0327 0x0720  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:43:51.0327 0x0720  mrxsmb - ok
13:43:51.0390 0x0720  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:43:51.0390 0x0720  mrxsmb10 - ok
13:43:51.0452 0x0720  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:43:51.0452 0x0720  mrxsmb20 - ok
13:43:51.0561 0x0720  [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:43:51.0561 0x0720  msahci - ok
13:43:51.0624 0x0720  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:43:51.0624 0x0720  msdsm - ok
13:43:51.0686 0x0720  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
13:43:51.0686 0x0720  MSDTC - ok
13:43:51.0717 0x0720  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:43:51.0749 0x0720  Msfs - ok
13:43:51.0827 0x0720  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:43:51.0827 0x0720  msisadrv - ok
13:43:51.0889 0x0720  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:43:51.0889 0x0720  MSiSCSI - ok
13:43:51.0936 0x0720  msiserver - ok
13:44:06.0865 0x0720  ================ Scan global ===============================
13:44:06.0927 0x0720  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
13:44:07.0005 0x0720  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
13:44:07.0037 0x0720  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
13:44:07.0130 0x0720  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
13:44:07.0130 0x0720  [Global] - ok
13:44:07.0161 0x0720  ================ Scan MBR ==================================
13:44:07.0177 0x0720  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:44:07.0567 0x0720  \Device\Harddisk0\DR0 - ok
13:44:07.0598 0x0720  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR10
13:44:07.0707 0x0720  \Device\Harddisk2\DR10 - ok
13:44:07.0707 0x0720  ================ Scan VBR ==================================
13:44:07.0723 0x0720  [ AE1B3EB2700E434027852AF44E0AC9D4 ] \Device\Harddisk0\DR0\Partition1
13:44:07.0723 0x0720  \Device\Harddisk0\DR0\Partition1 - ok
13:44:07.0739 0x0720  [ B2A0CAC1AE5AE766F3E6D481702317CF ] \Device\Harddisk2\DR10\Partition1
13:44:07.0754 0x0720  \Device\Harddisk2\DR10\Partition1 - ok
13:44:07.0754 0x0720  ============================================================
13:44:07.0754 0x0720  Scan finished
13:44:07.0754 0x0720  ============================================================
13:44:07.0801 0x07dc  Detected object count: 0
13:44:07.0801 0x07dc  Actual detected object count: 0
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.8 (09.05.2013:1)
OS: Windows Vista ™ Home Premium x86
Ran by Tom Thumb on Fri 09/06/2013 at 13:51:55.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1485691448-735088278-2850230456-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\f
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.dskbnd
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.dskbnd.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoodsapp.appcore
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoodsapp.appcore.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wiseconvert_b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3297930
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3297947
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3311834



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\DealPly
Successfully deleted: [File] "C:\Users\Tom Thumb\appdata\local\funmoods-speeddial.crx"
Successfully deleted: [File] "C:\Program Files\mozilla firefox\nsprotector.js"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ammyy"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\speedmaxpc"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\AppData\Roaming\speedmaxpc"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\appdata\local\babylon"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\appdata\local\dictionaryboss"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\appdata\local\iac"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\appdata\local\pc mightymax 2012"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\appdata\locallow\dictionaryboss"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\appdata\locallow\iac"
Successfully deleted: [Folder] "C:\Users\Tom Thumb\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\dictionaryboss"
Successfully deleted: [Folder] "C:\Program Files\wiseconvert"
Successfully deleted: [Folder] "C:\Program Files\wiseconvert_b"



~~~ FireFox

Successfully deleted: [File] C:\user.js



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/06/2013 at 13:56:29.51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

 

# AdwCleaner v3.002 - Report created 06/09/2013 at 14:02:19
# Updated 01/09/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Tom Thumb - TOMThumb-PC
# Running from : C:\Users\Tom Thumb\Desktop\RAF-FixTools\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Users\Tom Thumb\AppData\Roaming\Mozilla\Firefox\Profiles\w17b0e3t.default\Extensions\65ffxtbr@FromDocToPDF_65.com
Folder Found C:\Program Files\FromDocToPDF_65
Folder Found C:\Program Files\Installl_Converter_A
Folder Found C:\Users\Tom Thumb\AppData\Local\FromDocToPDF_65
Folder Found C:\Users\Tom Thumb\AppData\LocalLow\FromDocToPDF_65
Folder Found C:\Users\Tom Thumb\AppData\LocalLow\Installl_Converter_A

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\FromDocToPDF_65
Key Found : HKCU\Software\AppDataLow\Software\Installl_Converter_A
Key Found : HKCU\Software\FromDocToPDF_65
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FromDocToPDF_65bar Uninstall Firefox
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Installl_Converter_A Toolbar
Key Found : HKCU\Software\SpeedMaxPC
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.DynamicBarButton
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.DynamicBarButton.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.FeedManager
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.FeedManager.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLMenu
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLMenu.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLPanel
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLPanel.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.MultipleButton
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.MultipleButton.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.PseudoTransparentPlugin
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.PseudoTransparentPlugin.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.Radio
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.Radio.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.RadioSettings
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.RadioSettings.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ScriptButton
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ScriptButton.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SettingsPlugin
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SettingsPlugin.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SkinLauncher
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SkinLauncher.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SkinLauncherSettings
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SkinLauncherSettings.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ThirdPartyInstaller
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ThirdPartyInstaller.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.UrlAlertButton
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.UrlAlertButton.1
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.XMLSessionPlugin
Key Found : HKLM\SOFTWARE\Classes\FromDocToPDF_65.XMLSessionPlugin.1
Key Found : HKLM\Software\FromDocToPDF_65
Key Found : HKLM\Software\Installl_Converter_A
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0DAFCED3-6D93-4F6C-89C4-6573F8BD1167}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FD27DA1-F284-475C-AD26-862BF358B15D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D97143C2-4282-496B-BDC4-7EC852F1497C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Dealply
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Dealply
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F84DB37A-AE6F-423B-9F51-14B5EC10C879}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDF_65bar Uninstall Firefox
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Installl_Converter_A Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@FromDocToPDF_65.com/Plugin
Key Found : HKLM\Software\SpeedMaxPC
Product Found : Google Update Helper
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F84DB37A-AE6F-423B-9F51-14B5EC10C879}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F84DB37A-AE6F-423B-9F51-14B5EC10C879}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F84DB37A-AE6F-423B-9F51-14B5EC10C879}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F84DB37A-AE6F-423B-9F51-14B5EC10C879}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [65ffxtbr@FromDocToPDF_65.com]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant] - hxxp://www2.inbox.com/search/ie.aspx?tbid=80314&lng=en
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch] - hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80314
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://www2.inbox.com/search/ie.aspx?tbid=80314&lng=en
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80314

-\\ Mozilla Firefox v19.0.2 (en-US)

[ File : C:\Users\Tom Thumb\AppData\Roaming\Mozilla\Firefox\Profiles\w17b0e3t.default\prefs.js ]


-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\Tom Thumb\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11911 octets] - [06/09/2013 14:02:19]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11972 octets] ##########
 

~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~

 

OK, that's it so far --- I'll run the online tool later when I get home. Once again in Safe mode with networking, I assume.

 

Thanks again for your help --this site has helped me out in the past and I appreciate it very much.

I am less than 20 years younger than the guy I'm helping out here, so my computer wizard stick is not what it used to be back in my Tandy Dos CoCo Glory days!



#6 boopme

Posted 06 September 2013 - 02:06 PM

Ok, good, yes, run ESET later; it can be in Normal.
I'm on north Jersey time :)

After ESET, do this to clean what AdwCleaner found:
Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
How is it now?
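
Before pressing Clean as in the steps above, the scan report that AdwCleaner saves in the C:\AdwCleaner folder can be triaged to see which entries are load points and which only support them. This is an added example, not part of the original post and not AdwCleaner's own code; the `HOOK_MARKERS` list, the function names and the constructed `SAMPLE` lines (placeholder GUIDs and URL) are assumptions of the example.

```python
import re
from collections import defaultdict

# Registry locations that make the browser or Windows load something.
# Assumption of this example: the list is illustrative, not exhaustive.
HOOK_MARKERS = (
    r"\Explorer\Browser Helper Objects",
    r"\Internet Explorer\URLSearchHooks",
    r"\Internet Explorer\Toolbar",
    r"\Schedule\TaskCache",
    r"\Mozilla\Firefox\Extensions",
    r"\MozillaPlugins",
    r"\Google\Chrome\Extensions",
)

SECTION_RE = re.compile(r"^\*{5} \[ (?P<name>.+?) \] \*{5}$")
# Accepts "Folder Found : C:\..." and the colon-less "Folder Found C:\..."
FINDING_RE = re.compile(
    r"^(?P<kind>Folder|File|Key|Value|Setting|Product) Found\s*:?\s*(?P<target>.+)$"
)
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_report(text):
    """Return one dict per '<Kind> Found' line, tagged with section and role."""
    findings, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group("name")
            continue
        m = FINDING_RE.match(line)
        if not m:
            continue  # '#' header lines, browser banners, blank lines
        target = m.group("target").strip()
        low = target.lower()
        # Changed browser settings count as hooks: they redirect searches.
        is_hook = m.group("kind") == "Setting" or any(
            marker.lower() in low for marker in HOOK_MARKERS
        )
        findings.append({
            "section": section,
            "kind": m.group("kind"),
            "target": target,
            "guids": sorted({g.upper() for g in GUID_RE.findall(target)}),
            "role": "hook" if is_hook else "support",
        })
    return findings


def triage(text):
    """Group findings so the components that actually get loaded stand out."""
    by_guid = defaultdict(lambda: {"hooks": [], "support": []})
    named_hooks = []
    for f in parse_report(text):
        bucket = "hooks" if f["role"] == "hook" else "support"
        for guid in f["guids"]:
            by_guid[guid][bucket].append(f["target"])
        if f["role"] == "hook" and not f["guids"]:
            named_hooks.append(f["target"])  # hook identified by name, not GUID
    return {
        # GUIDs referenced from at least one load point, with their other entries
        "active": {g: dict(v) for g, v in by_guid.items() if v["hooks"]},
        "named_hooks": named_hooks,
        # GUIDs that no load point in this report refers to
        "orphans": sorted(g for g, v in by_guid.items() if not v["hooks"]),
    }


# Constructed sample in the AdwCleaner v3 report layout (not a real report).
SAMPLE = r"""# AdwCleaner v3.002 - Report created 06/09/2013 at 14:02:19
# Option : Scan

***** [ Files / Folders ] *****

Folder Found : C:\Users\Example\AppData\Local\FromDocToPDF_65
Folder Found C:\Program Files\FromDocToPDF_65

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AAAAAAAA-0000-0000-0000-000000000001}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BBBBBBBB-0000-0000-0000-000000000002}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAAAAAA-0000-0000-0000-000000000001}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{aaaaaaaa-0000-0000-0000-000000000001}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{AAAAAAAA-0000-0000-0000-000000000001}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [65ffxtbr@FromDocToPDF_65.com]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant] - hxxp://search.example.invalid/ie.aspx
"""

if __name__ == "__main__":
    result = triage(SAMPLE)
    for guid, refs in result["active"].items():
        print(guid, "hooks:", len(refs["hooks"]), "support:", len(refs["support"]))
    print("hooks by name:", len(result["named_hooks"]))
    print("GUIDs with no hook:", result["orphans"])
```

After the Clean run, feeding the new report through the same function shows whether any hook entries are still present.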

#7 zapfast

Posted 06 September 2013 - 07:21 PM

OK -- I have got the ESET scanner installed and run -- it took several hours and found 1 item -- the fastPC adware.

I followed the steps you outlined for ESET and then ran AdwCleaner again - I went through the "clean" procedure and it prompted a restart -- after which a txt log came up showing it had removed a Google Update Helper.

I now hit Ctrl+Alt+Delete to bring up Task Manager and I still have the "tabless" version showing only the pane with "image name", "user name", "CPU", "Memory" and "description".

I have run the update for Malwarebytes, so I may run that next.

After that, if I don't hear back, I suppose I will go back to safe mode and run the steps that you outlined for me above again.

This is what I remember doing last time I battled spyware and adware and viruses.

With my last encounter with the Conduit redirect it was Spybot Search and Destroy that finally killed the cooties.

Of course some of the programs that you had me run may be just as effective.

Again, thanks for your patience and help. The computer is accessing the web and I have installed Adblock and Web of Trust on Firefox and Chrome and created an AOL shortcut that goes to AOL via Firefox.

It turns out my friend had NOT installed the AOL browser on this laptop as he "confessed" to having done!



#8 boopme

Posted 06 September 2013 - 08:11 PM

There was some evidence of file corruption, so...

Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users: The command needs to be run from an Elevated Command Prompt. Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'.


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.

Edited by boopme, 06 September 2013 - 08:13 PM.


#9 zapfast

Posted 07 September 2013 - 06:39 PM

Hello Boopme,

 

Thanks for the way forward you have detailed for me.

 

I spent today working towards getting my pool covered tomorrow and only spent a bit of time re-running the various scan tools I have -- I did download the newer version of AdwCleaner and "discovered" that what I thought was an empty result window is in fact tabbed (duh!), so in baby-step fashion I figured out how to see what the problems were that it detected. I realize those results are in the report also, but learning this detail, my virtual "computer wizard stick" grew a cm or two (~):-]

 

I contacted my neighbor buddy and asked about the Win Vista disc, and it turns out he does not have it.

 

A relative of his had "upgraded" his Win 7 that the Toshiba came with to Vista for him.

(?? Is that an upgrade????)

 

I have also done windows updates and updated flash player.

Also updated the MSE to a newer build.

 

I will need to decide whether to remove Nortons ( ver 20.4.0.40 ) which is currently Active, but in "no protection" mode for the benefit of the various scans. I think the Nortons may be a Comcast freebie. It is still there giving me occasional "CPU is working too hard" messages. I am leaning towards an uninstall here with the Nortons.

 

What do you ( or anyone else reading)  think about uninstalling Nortons at this point?

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I will also see if my techie son might have a Vista disk, but I know I will receive flak for not installing Linux

( his answer to every computer problem)

and for helping this guy out at all  because "He won't listen"  -- When my son was still at home as a teen he had a history of barter with the laptop owner -- my neighbor helped my son out with some very hands on repair work on his very first automobile(s) many moons ago in exchange for comp tech support way back then.

 

~~~~

 

I imagine I might be able to find the Vista install ISO out there "in the wild" on the intertoobz

 

~~~~~~~~~~~~~~~

 

--> I am going to proceed with sfc.exe after reading the "how to" page you linked to without the install disk and see where it takes me and then I'll reply again here.

 

So, thanks for reading all this.

I just wanted to let you know I'm still moving forward, although slowly.

I will report back when I have made some progress

Your help here at bleeping C is very much appreciated!

 

Thanks,

 

zapfastnet


Edited by zapfast, 07 September 2013 - 06:46 PM.


#10 zapfast

Posted 08 September 2013 - 05:42 PM

Hello,
 
I just tried to proceed with the SFC.exe instructions
 
>NOTE for Vista/WIN 7 users..The command needs to be run from an Elevated Command Prompt.

>Click Start, type cmd into the Start/Search box,
>right-click cmd.exe in the list above and select 'Run as Administrator'
 
 
When I go to Start and then Search and enter cmd the only result is TDSSkiller.
Note: I have no windows Vista disk
 
So beyond that the next direction you supplied is also problematic as task manager is not functioning properly.
 
>Open Windows Task Manager....by pressing CTRL+SHIFT+ESC
>Then click File.. then New Task(Run)
 
What I see is only the Task Manager pane with "image name", "username", "cpu", "Memory" and "description" -- it has an "end process" button and a "show processes from all users" but no tabs! Also no X in the corner to close it.

I use alt F4 to close this limited task manager.

 

--edit ---

I can use the Start Run command line to type SFE.exe --- something runs and disappears in DOS

I tried the /P but that did not pause it.

I think it says something like --- "you need to be in administrator mode you knucklehead"

 

I see no other way to switch to admin

 

I added this as it may be relevant

 

--end edit--
 
Any Ideas?
 
I think the way forward may be to go and get a Win 7 disk a friend of mine has, and revert this laptop to its original Windows 7 OS

I am told by the disk owner that I will lose all installed software, but that I can expect to retain files such as .jpgs -- I have backed up everything to an external HD at this point.
 
This laptop has a Win 7 sticker on the bottom.
 
Do you have any Opinion on keeping or losing the Nortons ver. 20.4.0.40?
 
Thanks for the help,
 
zapfastnet


Edited by zapfast, 08 September 2013 - 07:14 PM.


#11 boopme

Posted 09 September 2013 - 04:10 PM

I feel that going to 7 may be best as you seem to have a lot of corruption.

 

I can only say many here find Norton a resource hog and avoid it. I have never used it.



#12 zapfast

Posted 09 September 2013 - 09:47 PM

Thanks for your help -- I will proceed with the Win 7 install.
 
My source for the Win7 says that it is 64 bit and that I need to determine if the Toshiba laptop is 64 bit capable before I proceed.
The Win 7 is on a stick drive and I will need to burn it to a disk as an ISO
( I will need to research what that means - although a computer tech I quizzed at work says that if I burn the files to CD on a Win 7 computer, the computer will do the right thing)
 
It is a Toshiba C655D-S5126 with AMD E-240 Proc. 1.5 Ghz and 3 Gig RAM.
It has the Win 7 Home premium OA sticker on the bottom.
I may do a bit of googling to answer this question.
 
--- edit to add---
 
based on this page:
http://www.notebookcheck.net/AMD-E-240-Notebook-Processor.40950.0.html
 and this one
http://www.cpu-world.com/CPUs/Bobcat/AMD-E%20Series%20E-450.html
It looks like the CPU is 64 bit so I can proceed.
 
---- end edit ----
 
 
I will definitely lose the Nortons.
 
Thanks for walking me through the process to clean this machine.
Bleepingcomputers is a huge help.

 

I guess you can mark this thread as Solved if you have such a thing.

 

any comments on the questions I raised about Win 7 and "burning an ISO disk" are welcome but not expected.

 

Thanks again

zapfastnet


Edited by zapfast, 10 September 2013 - 10:32 AM.


#13 boopme

Posted 10 September 2013 - 09:24 AM

Ask in Win7 above ...they will confirm anything.

