
Possible Infected with Trojan


7 replies to this topic

#1 NaviLink


Posted 25 September 2013 - 10:40 AM

I was using an older version of Mozilla Firefox.

I made a mistake by installing Skymonk.exe, causing my Firefox browser to change my background and pop-ups, which is really a bad sign. I quickly uninstalled the programs, then ran some antivirus; many threats were detected and deleted. My computer may be running awkwardly slower than before. I'll post the MiniToolBox log here. I apologize if I'm doing this too early.

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Nini (administrator) on 25-09-2013 at 07:42:32
Running from "C:\Users\Nini\Downloads"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1       localhost

========================= IP Configuration: ================================

D-Link DWA-125 Wireless 150 USB Adapter = Wireless Network Connection (Connected)
Intel® 82566DC-2 Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Nini-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : att.net

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : D-Link DWA-125 Wireless 150 USB Adapter
   Physical Address. . . . . . . . . : 00-26-5A-6A-CD-2D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4581:6977:23a7:8aaf%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.69(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 25, 2013 6:16:48 AM
   Lease Expires . . . . . . . . . . : Thursday, September 26, 2013 6:16:47 AM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 251668058
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-D1-28-E6-00-1D-09-2A-9B-2C
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82566DC-2 Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-1D-09-2A-9B-2C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{BC288011-71AB-4877-8B1E-DE5A0B75CB28}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:386c:ef6:3f57:feba(Preferred)
   Link-local IPv6 Address . . . . . : fe80::386c:ef6:3f57:feba%9(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 10:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.gateway.2wire.net
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : isatap.att.net
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dsldevice.att.net
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4010:801::100e
      74.125.239.40
      74.125.239.34
      74.125.239.46
      74.125.239.35
      74.125.239.39
      74.125.239.36
      74.125.239.38
      74.125.239.41
      74.125.239.33
      74.125.239.37
      74.125.239.32



Pinging google.com [74.125.239.102] with 32 bytes of data:

Reply from 74.125.239.102: bytes=32 time=30ms TTL=54

Reply from 74.125.239.102: bytes=32 time=30ms TTL=54



Ping statistics for 74.125.239.102:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 30ms, Maximum = 30ms, Average = 30ms

Server:  dsldevice.att.net
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=72ms TTL=50

Reply from 206.190.36.45: bytes=32 time=79ms TTL=50



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 72ms, Maximum = 79ms, Average = 75ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 10 ...00 26 5a 6a cd 2d ...... D-Link DWA-125 Wireless 150 USB Adapter
  8 ...00 1d 09 2a 9b 2c ...... Intel® 82566DC-2 Gigabit Network Connection
  1 ........................... Software Loopback Interface 1
 14 ...00 00 00 00 00 00 00 e0  isatap.{BC288011-71AB-4877-8B1E-DE5A0B75CB28}
  9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 15 ...00 00 00 00 00 00 00 e0  isatap.gateway.2wire.net
 16 ...00 00 00 00 00 00 00 e0  isatap.att.net
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.69     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.69    281
     192.168.1.69  255.255.255.255         On-link      192.168.1.69    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.69    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.69    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.69    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  9     18 ::/0                     On-link
  1    306 ::1/128                  On-link
  9     18 2001::/32                On-link
  9    266 2001:0:5ef5:79fd:386c:ef6:3f57:feba/128
                                    On-link
 10    281 fe80::/64                On-link
  9    266 fe80::/64                On-link
  9    266 fe80::386c:ef6:3f57:feba/128
                                    On-link
 10    281 fe80::4581:6977:23a7:8aaf/128
                                    On-link
  1    306 ff00::/8                 On-link
  9    266 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/25/2013 05:55:28 AM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Users\Nini\Downloads\HitmanPro.exe /updated:"C:\Users\Nini\AppData\Local\Temp\HitmanPro.exe"; Descripton = ???????????? ???????A?A A  ?????????? ?a????????????????????????????????Aaaaaaaaaaaaaaaaaaaaaaa??; Hr = 0x80070057).

Error: (09/25/2013 05:33:50 AM) (Source: MsiInstaller) (User: Nini-PC)
Description: Product: Roxio Creator DE -- Error 1706. An installation package for the product Roxio Creator DE cannot be found. Try the installation again using a valid copy of the installation package 'RCPCORE.msi'.

Error: (09/24/2013 05:41:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1849610

Error: (09/24/2013 05:41:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1849610

Error: (09/24/2013 05:41:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/23/2013 07:51:54 PM) (Source: Microsoft-Windows-RestartManager) (User: Nini-PC)
Description: 0C:\Program Files\JRT Studio\iSyncr\iSyncr.exeiSyncr0211771240

Error: (09/23/2013 00:26:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1301345

Error: (09/23/2013 00:26:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1301345

Error: (09/23/2013 00:26:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/23/2013 00:26:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1300331


System errors:
=============
Error: (09/25/2013 06:16:38 AM) (Source: Service Control Manager) (User: )
Description: dyyr
kfksa
OMCI
rudpmfl

Error: (09/25/2013 06:14:53 AM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExWFailureActions%%5

Error: (09/25/2013 05:31:54 AM) (Source: Service Control Manager) (User: )
Description: dyyr
kfksa
OMCI
rudpmfl

Error: (09/25/2013 05:26:31 AM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (09/25/2013 05:23:59 AM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (09/25/2013 05:17:02 AM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (09/25/2013 05:12:08 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

    Feature: %%835

    Error Code: 0x80004005

    Error description: Unspecified error

    Reason: %%842

Error: (09/25/2013 05:12:02 AM) (Source: Service Control Manager) (User: )
Description: dyyr
kfksa
OMCI
rudpmfl

Error: (09/25/2013 05:09:52 AM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExWFailureActions%%5

Error: (09/25/2013 04:49:55 AM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86


Microsoft Office Sessions:
=========================
Error: (07/21/2013 10:02:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 606 seconds with 480 seconds of active time.  This session ended with a crash.

Error: (04/13/2013 08:08:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1357 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (11/14/2012 00:07:18 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1001 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (09/11/2012 01:11:48 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 749 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (09/11/2012 00:19:51 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1361 seconds with 960 seconds of active time.  This session ended with a crash.

Error: (04/11/2012 11:43:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 261 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (10/11/2011 06:11:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1117 seconds with 720 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-09-25 07:18:55.187
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 07:18:55.012
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 07:18:54.780
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 07:18:54.591
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 07:18:52.426
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 07:18:52.236
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 07:18:52.039
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 07:18:51.785
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 07:18:50.117
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 07:18:49.902
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Reader X (10.1.8) (Version: 10.1.8)
AIM 7
AMD APP SDK Runtime (Version: 10.0.831.4)
AMD Catalyst Install Manager (Version: 3.0.855.0)
ANIWZCS2 Service
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3222)
AVG 2013 (Version: 13.0.3408)
AVG 2013 (Version: 2013.0.3408)
Bandisoft MPEG-1 Decoder
Bigasoft Total Video Converter 3.7.6.4626
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1109.2212.39826)
Catalyst Control Center Graphics Previews Common (Version: 2011.1109.2212.39826)
Catalyst Control Center InstallProxy (Version: 2011.1109.2212.39826)
CCC Help English (Version: 2011.1109.2211.39826)
ccc-utility (Version: 2011.1109.2212.39826)
CCleaner (Version: 3.15)
D3DX10 (Version: 15.4.2368.0902)
Dell Resource CD (Version: 1.10.0000)
dj_sf_software_req (Version: 90.0.235.000)
D-Link Wireless 150 USB Adapter DWA-125 (Version: 1.00.0000)
erLT (Version: 1.20.0137)
ESET Online Scanner v3
ffdshow [rev 3154] [2009-12-09] (Version: 1.0)
HP Deskjet Printer Driver Software 9.0 (Version: 9.0)
iFunbox (v2.5.2365.747), iFunbox DevTeam (Version: v2.5.2365.747)
Intel® PRO Network Connections Drivers
iTunes (Version: 11.1.0.126)
Java 7 Update 25 (Version: 7.0.250)
K-Lite Codec Pack 6.2.0 (Basic) (Version: 6.2.0)
LockHunter 2.0 beta 2, 32 bit
Logitech SetPoint 5.20 (Version: 5.20)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Media Go Video Playback Engine 1.96.117.08260 (Version: 1.96.117.08260)
Media Player Classic - Home Cinema v. 1.3.1249.0
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft LifeCam (Version: 3.60.253.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nexon Game Manager
Norton Internet Security (Version: 18.7.2.3)
Novacomd (Version: 1.0.0.73)
OpenOffice.org 3.2 (Version: 3.2.9502)
Origin (Version: 9.1.15.109)
PlayStation®Network Downloader (Version: 2.07.00849)
PlayStation®Store (Version: 4.12.6.14870)
PunkBuster Services (Version: 0.990)
QuickTime (Version: 7.66.73.0)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Drag-to-Disc (Version: 9.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio MyDVD DE (Version: 9.0.117)
Roxio Update Manager (Version: 3.0.0)
Segoe UI (Version: 15.4.2271.0615)
Sonic Activation Module (Version: 1.0)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1032)
System Requirements Lab CYRI (Version: 5.0.6.0)
Toolbox (Version: 90.0.146.000)
Tweaking.com - Windows Repair (All in One) (Version: 1.9.17)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User's Guides (Version: 1.20.0000)
VLC media player 1.1.3 (Version: 1.1.3)
Windows Driver Package - Palm (WinUSB) Palm Devices  (10/09/2009 1.0.1) (Version: 10/09/2009 1.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
WinRAR archiver
Yahoo! Axis
Yahoo! Messenger
Yahoo! Toolbar
YGOPro DevPro version 1.8.6 (Version: 1.8.6)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 87%
Total physical RAM: 3069.22 MB
Available physical RAM: 377.09 MB
Total Pagefile: 6353.45 MB
Available Pagefile: 3802.03 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.06 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:298.15 GB) NTFS
2 Drive d: (OS) (Fixed) (Total:283.04 GB) (Free:206.33 GB) NTFS
4 Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:5.05 GB) NTFS

========================= Users: ========================================

User accounts for \\NINI-PC

Administrator            Guest                    Joe                      
Nini                     


**** End of log ****
 

09:03:18.0436 3488  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:03:19.0488 3488  ============================================================
09:03:19.0488 3488  Current date / time: 2013/09/25 09:03:19.0488
09:03:19.0488 3488  SystemInfo:
09:03:19.0488 3488  
09:03:19.0488 3488  OS Version: 6.0.6002 ServicePack: 2.0
09:03:19.0488 3488  Product type: Workstation
09:03:19.0488 3488  ComputerName: NINI-PC
09:03:19.0489 3488  UserName: Nini
09:03:19.0489 3488  Windows directory: C:\Windows
09:03:19.0489 3488  System windows directory: C:\Windows
09:03:19.0489 3488  Processor architecture: Intel x86
09:03:19.0489 3488  Number of processors: 4
09:03:19.0489 3488  Page size: 0x1000
09:03:19.0489 3488  Boot type: Normal boot
09:03:19.0489 3488  ============================================================
09:03:30.0070 3488  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:03:30.0102 3488  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:03:30.0164 3488  ============================================================
09:03:30.0164 3488  \Device\Harddisk0\DR0:
09:03:30.0164 3488  MBR partitions:
09:03:30.0164 3488  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
09:03:30.0164 3488  \Device\Harddisk1\DR1:
09:03:30.0168 3488  MBR partitions:
09:03:30.0168 3488  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1E00000
09:03:30.0168 3488  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1E18000, BlocksNum 0x23616000
09:03:30.0168 3488  ============================================================
09:03:30.0224 3488  C: <-> \Device\Harddisk0\DR0\Partition1
09:03:30.0279 3488  D: <-> \Device\Harddisk1\DR1\Partition2
09:03:30.0309 3488  F: <-> \Device\Harddisk1\DR1\Partition1
09:03:30.0383 3488  ============================================================
09:03:30.0383 3488  Initialize success
09:03:30.0383 3488  ============================================================
09:04:18.0953 7660  ============================================================
09:04:18.0953 7660  Scan started
09:04:18.0953 7660  Mode: Manual;
09:04:18.0953 7660  ============================================================
09:04:19.0285 7660  ================ Scan system memory ========================
09:04:19.0285 7660  System memory - ok
09:04:19.0286 7660  ================ Scan services =============================
09:04:19.0437 7660  [ 9EBE730D4B5E3FF25EAAF5A59BA6CCFF ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
09:04:19.0720 7660  !SASCORE - ok
09:04:19.0948 7660  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
09:04:19.0952 7660  ACPI - ok
09:04:20.0045 7660  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:04:20.0048 7660  AdobeARMservice - ok
09:04:20.0159 7660  [ 24A0876D07EF356DCBC1D7A7929354AB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:04:20.0192 7660  AdobeFlashPlayerUpdateSvc - ok
09:04:20.0219 7660  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:04:20.0225 7660  adp94xx - ok
09:04:20.0247 7660  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:04:20.0253 7660  adpahci - ok
09:04:20.0291 7660  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
09:04:20.0294 7660  adpu160m - ok
09:04:20.0314 7660  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:04:20.0317 7660  adpu320 - ok
09:04:20.0370 7660  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:04:20.0372 7660  AeLookupSvc - ok
09:04:20.0469 7660  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
09:04:20.0483 7660  AFD - ok
09:04:20.0548 7660  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
09:04:20.0551 7660  agp440 - ok
09:04:20.0563 7660  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
09:04:20.0565 7660  aic78xx - ok
09:04:20.0593 7660  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
09:04:20.0597 7660  ALG - ok
09:04:20.0654 7660  [ 3A99CB23A2D326FD532618705D6E3048 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:04:20.0657 7660  aliide - ok
09:04:20.0691 7660  [ F970EA885AEFEB1B9EB97CA7F1EB226D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:04:20.0708 7660  AMD External Events Utility - ok
09:04:20.0748 7660  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
09:04:20.0754 7660  amdagp - ok
09:04:20.0770 7660  [ 4333C133DBD71C7D7FE4FB1B83F9EE3E ] amdide          C:\Windows\system32\drivers\amdide.sys
09:04:20.0772 7660  amdide - ok
09:04:20.0784 7660  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
09:04:20.0786 7660  AmdK7 - ok
09:04:20.0795 7660  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:04:20.0798 7660  AmdK8 - ok
09:04:21.0524 7660  [ AB70F110143892EB41AA46500AA5CF00 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
09:04:21.0876 7660  amdkmdag - ok
09:04:21.0955 7660  [ 32D68D05B871EED5572D0C2C764EA4EC ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
09:04:21.0959 7660  amdkmdap - ok
09:04:22.0046 7660  [ 6E6971B22C8ECCFD27FE67CC135CA23F ] androidusb      C:\Windows\system32\Drivers\wsadb.sys
09:04:22.0048 7660  androidusb - ok
09:04:22.0075 7660  [ 48E008CF2EDCF8FC91A9D3507865A51D ] anodlwf         C:\Windows\system32\DRIVERS\anodlwf.sys
09:04:22.0077 7660  anodlwf - ok
09:04:22.0107 7660  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
09:04:22.0108 7660  Appinfo - ok
09:04:22.0170 7660  [ 30E3850F303EAE5C364782EA78579CC9 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:04:22.0174 7660  Apple Mobile Device - ok
09:04:22.0283 7660  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
09:04:22.0291 7660  arc - ok
09:04:22.0302 7660  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:04:22.0308 7660  arcsas - ok
09:04:22.0333 7660  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:04:22.0335 7660  AsyncMac - ok
09:04:22.0365 7660  [ A779CA2C76DA4FCB595E692C05E8E4EB ] atapi           C:\Windows\system32\drivers\atapi.sys
09:04:22.0366 7660  atapi - ok
09:04:22.0402 7660  athur - ok
09:04:22.0637 7660  [ AB70F110143892EB41AA46500AA5CF00 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
09:04:22.0693 7660  atikmdag - ok
09:04:22.0726 7660  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:04:22.0743 7660  AudioEndpointBuilder - ok
09:04:22.0785 7660  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
09:04:22.0787 7660  Audiosrv - ok
09:04:23.0127 7660  [ 4DB93F4DB7077801D2D82013506AC1D0 ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
09:04:24.0028 7660  AVGIDSAgent - ok
09:04:24.0118 7660  [ 4D7E34E36E586EA26F171A258341BD80 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
09:04:24.0152 7660  AVGIDSDriver - ok
09:04:24.0179 7660  [ 7C8E88549BCDAAC965B1B724C175F7A9 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
09:04:24.0181 7660  AVGIDSHX - ok
09:04:24.0199 7660  [ 2717EBC35166B8793DBFFB4390B8F2E7 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
09:04:24.0206 7660  AVGIDSShim - ok
09:04:24.0217 7660  [ 2018C4E9A40B122408763A5635CF14D9 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
09:04:24.0221 7660  Avgldx86 - ok
09:04:24.0301 7660  [ E2B9CF2CF787C6978E7CC898E9684E48 ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
09:04:24.0311 7660  Avglogx - ok
09:04:24.0340 7660  [ 3F59750A3AA55C46663801E7C2FD1E2B ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
09:04:24.0348 7660  Avgmfx86 - ok
09:04:24.0362 7660  [ CBCE8ED318DB8EA431F9D25AC9B7FF41 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
09:04:24.0364 7660  Avgrkx86 - ok
09:04:24.0389 7660  [ 14370FB29526F593C04FA48B5D69F7F0 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
09:04:24.0392 7660  Avgtdix - ok
09:04:24.0427 7660  [ 48939D9F350AEF9370F03A1E49A49BE2 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
09:04:24.0444 7660  avgwd - ok
09:04:24.0476 7660  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:04:24.0482 7660  Beep - ok
09:04:24.0601 7660  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
09:04:24.0616 7660  BFE - ok
09:04:24.0792 7660  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130702.001\BHDrvx86.sys
09:04:24.0803 7660  BHDrvx86 - ok
09:04:24.0852 7660  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\system32\qmgr.dll
09:04:24.0897 7660  BITS - ok
09:04:24.0901 7660  blbdrive - ok
09:04:24.0990 7660  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:04:25.0016 7660  Bonjour Service - ok
09:04:25.0051 7660  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:04:25.0055 7660  bowser - ok
09:04:25.0106 7660  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
09:04:25.0107 7660  BrFiltLo - ok
09:04:25.0121 7660  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
09:04:25.0123 7660  BrFiltUp - ok
09:04:25.0170 7660  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
09:04:25.0176 7660  Browser - ok
09:04:25.0191 7660  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
09:04:25.0197 7660  Brserid - ok
09:04:25.0213 7660  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
09:04:25.0216 7660  BrSerWdm - ok
09:04:25.0244 7660  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
09:04:25.0248 7660  BrUsbMdm - ok
09:04:25.0265 7660  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
09:04:25.0268 7660  BrUsbSer - ok
09:04:25.0282 7660  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:04:25.0289 7660  BTHMODEM - ok
09:04:25.0508 7660  catchme - ok
09:04:25.0591 7660  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:04:25.0598 7660  cdfs - ok
09:04:25.0628 7660  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:04:25.0630 7660  cdrom - ok
09:04:25.0672 7660  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:04:25.0673 7660  CertPropSvc - ok
09:04:25.0695 7660  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:04:25.0697 7660  circlass - ok
09:04:25.0732 7660  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
09:04:25.0749 7660  CLFS - ok
09:04:25.0918 7660  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:04:25.0949 7660  clr_optimization_v2.0.50727_32 - ok
09:04:26.0020 7660  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:04:26.0115 7660  clr_optimization_v4.0.30319_32 - ok
09:04:26.0135 7660  [ DFB94A6FC3A26972B0461AB5F1D8272B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:04:26.0137 7660  cmdide - ok
09:04:26.0156 7660  [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
09:04:26.0162 7660  Compbatt - ok
09:04:26.0166 7660  COMSysApp - ok
09:04:26.0181 7660  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:04:26.0183 7660  crcdisk - ok
09:04:26.0225 7660  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
09:04:26.0226 7660  Crusoe - ok
09:04:26.0298 7660  [ 684C130BBC6DB681BAD4920A4C944AA5 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:04:26.0300 7660  CryptSvc - ok
09:04:26.0367 7660  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:04:26.0401 7660  DcomLaunch - ok
09:04:26.0408 7660  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:04:26.0410 7660  DfsC - ok
09:04:26.0563 7660  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
09:04:26.0664 7660  DFSR - ok
09:04:26.0752 7660  [ 919F338FD36F47D860775368D0748780 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
09:04:26.0754 7660  dg_ssudbus - ok
09:04:26.0789 7660  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
09:04:26.0806 7660  Dhcp - ok
09:04:26.0860 7660  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
09:04:26.0861 7660  disk - ok
09:04:26.0898 7660  [ A53723176D0002FEB486EFF8E17812F2 ] DLABMFSM        C:\Windows\system32\DLA\DLABMFSM.SYS
09:04:26.0900 7660  DLABMFSM - ok
09:04:26.0912 7660  [ D4587063ACEA776699251E177D719586 ] DLABOIOM        C:\Windows\system32\DLA\DLABOIOM.SYS
09:04:26.0914 7660  DLABOIOM - ok
09:04:26.0927 7660  [ 5230CDB7E715F3A3B4A882E254CDD35D ] DLACDBHM        C:\Windows\system32\Drivers\DLACDBHM.SYS
09:04:26.0929 7660  DLACDBHM - ok
09:04:26.0942 7660  [ C950C2E7B9ED1A4FC4A2AC7EC044F1D6 ] DLADResM        C:\Windows\system32\DLA\DLADResM.SYS
09:04:26.0949 7660  DLADResM - ok
09:04:27.0042 7660  [ 24400137E387A24410C52A591F3CFB4D ] DLAIFS_M        C:\Windows\system32\DLA\DLAIFS_M.SYS
09:04:27.0047 7660  DLAIFS_M - ok
09:04:27.0057 7660  [ 29A303FECEB28641ECEBDAE89EB71C63 ] DLAOPIOM        C:\Windows\system32\DLA\DLAOPIOM.SYS
09:04:27.0059 7660  DLAOPIOM - ok
09:04:27.0074 7660  [ C93E33A22A1AE0C5508F3FB1F6D0A50C ] DLAPoolM        C:\Windows\system32\DLA\DLAPoolM.SYS
09:04:27.0078 7660  DLAPoolM - ok
09:04:27.0089 7660  [ 77FE51F0F8D86804CB81F6EF6BFB86DD ] DLARTL_M        C:\Windows\system32\Drivers\DLARTL_M.SYS
09:04:27.0091 7660  DLARTL_M - ok
09:04:27.0106 7660  [ B953498C35A31E5AC98F49ADBCF3E627 ] DLAUDFAM        C:\Windows\system32\DLA\DLAUDFAM.SYS
09:04:27.0109 7660  DLAUDFAM - ok
09:04:27.0114 7660  [ 4897704C093C1F59CE58FC65E1E1EF1E ] DLAUDF_M        C:\Windows\system32\DLA\DLAUDF_M.SYS
09:04:27.0116 7660  DLAUDF_M - ok
09:04:27.0147 7660  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:04:27.0150 7660  Dnscache - ok
09:04:27.0185 7660  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:04:27.0189 7660  dot3svc - ok
09:04:27.0211 7660  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
09:04:27.0213 7660  DPS - ok
09:04:27.0244 7660  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:04:27.0249 7660  drmkaud - ok
09:04:27.0261 7660  [ C00440385CF9F3D142917C63F989E244 ] DRVMCDB         C:\Windows\system32\Drivers\DRVMCDB.SYS
09:04:27.0264 7660  DRVMCDB - ok
09:04:27.0293 7660  [ FFC371525AA55D1BAE18715EBCB8797C ] DRVNDDM         C:\Windows\system32\Drivers\DRVNDDM.SYS
09:04:27.0295 7660  DRVNDDM - ok
09:04:27.0391 7660  [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:04:27.0450 7660  DXGKrnl - ok
09:04:27.0454 7660  dyyr - ok
09:04:27.0492 7660  [ 04944F4FC4F0477185F5D26AE0DDB90E ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
09:04:27.0496 7660  e1express - ok
09:04:27.0552 7660  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
09:04:27.0557 7660  E1G60 - ok
09:04:27.0586 7660  EagleNT - ok
09:04:27.0623 7660  EagleXNt - ok
09:04:27.0655 7660  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
09:04:27.0660 7660  EapHost - ok
09:04:27.0685 7660  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
09:04:27.0701 7660  Ecache - ok
09:04:27.0820 7660  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
09:04:27.0862 7660  eeCtrl - ok
09:04:27.0964 7660  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:04:27.0980 7660  ehRecvr - ok
09:04:28.0018 7660  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
09:04:28.0024 7660  ehSched - ok
09:04:28.0035 7660  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
09:04:28.0041 7660  ehstart - ok
09:04:28.0093 7660  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:04:28.0135 7660  elxstor - ok
09:04:28.0253 7660  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
09:04:28.0296 7660  EMDMgmt - ok
09:04:28.0343 7660  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:04:28.0350 7660  EraserUtilRebootDrv - ok
09:04:28.0441 7660  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
09:04:28.0458 7660  EventSystem - ok
09:04:28.0496 7660  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
09:04:28.0499 7660  exfat - ok
09:04:28.0527 7660  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:04:28.0543 7660  fastfat - ok
09:04:28.0559 7660  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:04:28.0566 7660  fdc - ok
09:04:28.0575 7660  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:04:28.0576 7660  fdPHost - ok
09:04:28.0594 7660  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:04:28.0601 7660  FDResPub - ok
09:04:28.0622 7660  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:04:28.0627 7660  FileInfo - ok
09:04:28.0645 7660  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:04:28.0647 7660  Filetrace - ok
09:04:28.0660 7660  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:04:28.0662 7660  flpydisk - ok
09:04:28.0732 7660  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:04:28.0742 7660  FltMgr - ok
09:04:28.0810 7660  [ 119ACA7CADCA75BEA6B38E999443BAA6 ] FontCache       C:\Windows\system32\FntCache.dll
09:04:28.0867 7660  FontCache - ok
09:04:28.0910 7660  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:04:28.0917 7660  FontCache3.0.0.0 - ok
09:04:28.0975 7660  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:04:28.0977 7660  Fs_Rec - ok
09:04:29.0000 7660  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:04:29.0002 7660  gagp30kx - ok
09:04:29.0032 7660  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:04:29.0034 7660  GEARAspiWDM - ok
09:04:29.0095 7660  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:04:29.0121 7660  gpsvc - ok
09:04:29.0169 7660  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:04:29.0186 7660  HdAudAddService - ok
09:04:29.0230 7660  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:04:29.0247 7660  HDAudBus - ok
09:04:29.0277 7660  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:04:29.0279 7660  HidBth - ok
09:04:29.0295 7660  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:04:29.0301 7660  HidIr - ok
09:04:29.0352 7660  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\System32\hidserv.dll
09:04:29.0354 7660  hidserv - ok
09:04:29.0374 7660  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:04:29.0378 7660  HidUsb - ok
09:04:29.0418 7660  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:04:29.0421 7660  hkmsvc - ok
09:04:29.0431 7660  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
09:04:29.0434 7660  HpCISSs - ok
09:04:29.0471 7660  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:04:29.0503 7660  HTTP - ok
09:04:29.0519 7660  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
09:04:29.0527 7660  i2omp - ok
09:04:29.0542 7660  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:04:29.0543 7660  i8042prt - ok
09:04:29.0554 7660  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
09:04:29.0556 7660  iaStorV - ok
09:04:29.0622 7660  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:04:29.0678 7660  idsvc - ok
09:04:29.0789 7660  [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20130713.001\IDSvix86.sys
09:04:29.0831 7660  IDSVix86 - ok
09:04:29.0906 7660  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:04:29.0909 7660  iirsp - ok
09:04:30.0082 7660  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:04:30.0099 7660  IKEEXT - ok
09:04:30.0127 7660  [ 1C60617D54BC9F035671A44B75D9F7CC ] intelide        C:\Windows\system32\drivers\intelide.sys
09:04:30.0129 7660  intelide - ok
09:04:30.0148 7660  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:04:30.0150 7660  intelppm - ok
09:04:30.0174 7660  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:04:30.0176 7660  IPBusEnum - ok
09:04:30.0200 7660  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:04:30.0202 7660  IpFilterDriver - ok
09:04:30.0226 7660  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:04:30.0229 7660  iphlpsvc - ok
09:04:30.0254 7660  IpInIp - ok
09:04:30.0302 7660  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
09:04:30.0305 7660  IPMIDRV - ok
09:04:30.0333 7660  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
09:04:30.0336 7660  IPNAT - ok
09:04:30.0492 7660  [ C00149A7027081539A66DC5A46695EAD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:04:30.0592 7660  iPod Service - ok
09:04:30.0617 7660  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:04:30.0622 7660  IRENUM - ok
09:04:30.0662 7660  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:04:30.0667 7660  isapnp - ok
09:04:30.0704 7660  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
09:04:30.0707 7660  iScsiPrt - ok
09:04:30.0719 7660  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
09:04:30.0720 7660  iteatapi - ok
09:04:30.0729 7660  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
09:04:30.0731 7660  iteraid - ok
09:04:30.0758 7660  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:04:30.0764 7660  kbdclass - ok
09:04:30.0782 7660  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:04:30.0784 7660  kbdhid - ok
09:04:30.0806 7660  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
09:04:30.0809 7660  KeyIso - ok
09:04:30.0838 7660  kfksa - ok
09:04:30.0990 7660  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:04:31.0009 7660  KSecDD - ok
09:04:31.0077 7660  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:04:31.0083 7660  KtmRm - ok
09:04:31.0127 7660  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\System32\srvsvc.dll
09:04:31.0129 7660  LanmanServer - ok
09:04:31.0166 7660  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:04:31.0170 7660  LanmanWorkstation - ok
09:04:31.0186 7660  [ 7F9C7B28CF1C859E1C42619EEA946DC8 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:04:31.0188 7660  LHidFilt - ok
09:04:31.0212 7660  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:04:31.0214 7660  lltdio - ok
09:04:31.0237 7660  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:04:31.0241 7660  lltdsvc - ok
09:04:31.0260 7660  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:04:31.0262 7660  lmhosts - ok
09:04:31.0293 7660  [ AB33792A87285344F43B5CE23421BAB0 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:04:31.0295 7660  LMouFilt - ok
09:04:31.0339 7660  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:04:31.0341 7660  LSI_FC - ok
09:04:31.0369 7660  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:04:31.0372 7660  LSI_SAS - ok
09:04:31.0381 7660  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:04:31.0384 7660  LSI_SCSI - ok
09:04:31.0409 7660  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
09:04:31.0411 7660  luafv - ok
09:04:31.0423 7660  [ 77030525CD86A93F1AF34FA9B96D33CE ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
09:04:31.0425 7660  LUsbFilt - ok
09:04:31.0470 7660  [ D6767D36902E4B9F9EBB2DDD3BBF1A35 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
09:04:31.0472 7660  mbamchameleon - ok
09:04:31.0532 7660  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:04:31.0534 7660  MBAMProtector - ok
09:04:31.0641 7660  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:04:31.0649 7660  MBAMScheduler - ok
09:04:31.0703 7660  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:04:31.0712 7660  MBAMService - ok
09:04:31.0785 7660  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:04:31.0788 7660  Mcx2Svc - ok
09:04:31.0815 7660  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
09:04:31.0822 7660  megasas - ok
09:04:31.0964 7660  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:04:31.0968 7660  Microsoft Office Groove Audit Service - ok
09:04:31.0977 7660  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
09:04:31.0982 7660  MMCSS - ok
09:04:32.0012 7660  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
09:04:32.0013 7660  Modem - ok
09:04:32.0111 7660  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:04:32.0114 7660  monitor - ok
09:04:32.0157 7660  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:04:32.0159 7660  mouclass - ok
09:04:32.0189 7660  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:04:32.0191 7660  mouhid - ok
09:04:32.0231 7660  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
09:04:32.0233 7660  MountMgr - ok
09:04:32.0398 7660  [ 0329A45C849C9D77901094B8FFE8BBB9 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:04:32.0403 7660  MozillaMaintenance - ok
09:04:32.0469 7660  [ FEE0BADED54222E9F1DAE9541212AAB1 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
09:04:32.0503 7660  MpFilter - ok
09:04:32.0524 7660  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:04:32.0527 7660  mpio - ok
09:04:32.0622 7660  [ 06D4F934E09C359B0EFBFB3146F1D910 ] MpKsl38b00b19   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DBF76B55-411A-47E2-A69A-F23D0A80CCAE}\MpKsl38b00b19.sys
09:04:32.0624 7660  MpKsl38b00b19 - ok
09:04:32.0650 7660  [ 2C3489660D4A8D514C123C3F0D67DF46 ] MpNWMon         C:\Windows\system32\DRIVERS\MpNWMon.sys
09:04:32.0652 7660  MpNWMon - ok
09:04:32.0725 7660  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:04:32.0726 7660  mpsdrv - ok
09:04:32.0870 7660  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:04:32.0875 7660  MpsSvc - ok
09:04:32.0888 7660  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
09:04:32.0891 7660  Mraid35x - ok
09:04:32.0914 7660  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:04:32.0915 7660  MRxDAV - ok
09:04:32.0939 7660  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:04:32.0940 7660  mrxsmb - ok
09:04:32.0969 7660  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:04:32.0970 7660  mrxsmb10 - ok
09:04:32.0996 7660  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:04:32.0997 7660  mrxsmb20 - ok
09:04:33.0043 7660  [ F0EC3A4E0693A34B148723B4DA31668C ] msahci          C:\Windows\system32\drivers\msahci.sys
09:04:33.0045 7660  msahci - ok
09:04:33.0129 7660  [ B03E3F64B70F8031E65EB26DA23DE91A ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS32.exe
09:04:33.0135 7660  MSCamSvc - ok
09:04:33.0158 7660  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:04:33.0166 7660  msdsm - ok
09:04:33.0189 7660  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
09:04:33.0195 7660  MSDTC - ok
09:04:33.0218 7660  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:04:33.0220 7660  Msfs - ok
09:04:33.0269 7660  [ 956741C67ABAA78B19AADC5474936842 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
09:04:33.0272 7660  MSHUSBVideo - ok
09:04:33.0290 7660  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:04:33.0292 7660  msisadrv - ok
09:04:44.0912 7660  ============================================================
09:04:44.0912 7660  Scan finished
09:04:44.0912 7660  ============================================================
09:04:44.0920 4872  Detected object count: 0
09:04:44.0920 4872  Actual detected object count: 0
09:05:28.0910 7172  Deinitialize success

 

# AdwCleaner v3.005 - Report created 25/09/2013 at 13:20:49
# Updated 22/09/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Nini - NINI-PC
# Running from : C:\Users\Nini\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502


-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\2fymiiq1.default\prefs.js ]


[ File : C:\Users\Joe.Nini-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\0qvn9y7f.default\prefs.js ]


*************************

AdwCleaner[R2].txt - [4085 octets] - [19/09/2013 07:41:12]
AdwCleaner[R3].txt - [1065 octets] - [19/09/2013 16:35:20]
AdwCleaner[R4].txt - [2124 octets] - [25/09/2013 05:07:40]
AdwCleaner[R5].txt - [1342 octets] - [25/09/2013 06:13:21]
AdwCleaner[R6].txt - [987 octets] - [25/09/2013 13:20:49]
AdwCleaner[S1].txt - [4906 octets] - [05/09/2013 20:10:58]
AdwCleaner[S2].txt - [4227 octets] - [19/09/2013 07:42:29]
AdwCleaner[S3].txt - [1127 octets] - [19/09/2013 16:45:41]
AdwCleaner[S4].txt - [2205 octets] - [25/09/2013 05:09:31]
AdwCleaner[S5].txt - [1406 octets] - [25/09/2013 06:14:31]

########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [1346 octets] ##########
 

ESET log:

 

C:\$RECYCLE.BIN\S-1-5-21-2055173356-654305777-185414532-1000\$R149HB2.exe    a variant of Win32/SoftonicDownloader.E application    
C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\ChromeModule.dll.vir    a variant of Win32/Conduit.SearchProtect.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\cltmng.exe.vir    a variant of Win32/Conduit.SearchProtect.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\CltMngSvc.exe.vir    Win32/Conduit.SearchProtect.E application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\FirefoxModule.dll.vir    a variant of Win32/Conduit.SearchProtect.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\InternetExplorerModule.dll.vir    a variant of Win32/Conduit.SearchProtect.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\SPHook32.dll.vir    probably a variant of Win32/Conduit.SearchProtect.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\SPRunner.exe.vir    Win32/Conduit.SearchProtect.D application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\ffprotect\application.js.vir    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\ffprotect\nsprotector.js.vir    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Search Protection\SearchProtection.exe.vir    a variant of Win32/Toolbar.Widgi application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Search Protection\Uninstall.exe.vir    probably a variant of Win32/Toolbar.Widgi application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Searchprotect\bin\ChromeModule.dll.vir    a variant of Win32/Conduit.SearchProtect.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Searchprotect\bin\cltmng.exe.vir    a variant of Win32/Conduit.SearchProtect.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Searchprotect\bin\CltMngSvc.exe.vir    Win32/Conduit.SearchProtect.E application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Searchprotect\bin\FirefoxModule.dll.vir    a variant of Win32/Conduit.SearchProtect.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Searchprotect\bin\InternetExplorerModule.dll.vir    a variant of Win32/Conduit.SearchProtect.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Searchprotect\bin\SPHook32.dll.vir    probably a variant of Win32/Conduit.SearchProtect.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Searchprotect\bin\SPRunner.exe.vir    Win32/Conduit.SearchProtect.D application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Searchprotect\ffprotect\application.js.vir    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Nini\AppData\Roaming\Searchprotect\ffprotect\nsprotector.js.vir    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\system32\dmwu.exe.vir    a variant of Win32/Toolbar.Perion.G application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\system32\ARFC\wrtc.exe.vir    a variant of Win32/Toolbar.Perion.G application    cleaned by deleting - quarantined
C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe    a variant of Win32/1AntiVirus application    cleaned by deleting - quarantined
C:\Program Files\Mozilla Firefox\browser\nsprotector.js    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Users\Nini\AppData\Roaming\Search Protection\SearchProtection.exe    a variant of Win32/Toolbar.Widgi application    cleaned by deleting - quarantined
C:\Users\Nini\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\46317f41-4775da7b    a variant of Java/Exploit.CVE-2013-2423.GU trojan    cleaned by deleting - quarantined
C:\Users\Nini\Downloads\epm.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Users\Nini\Downloads\gb3-setup.exe    a variant of Win32/ELEX application    cleaned by deleting - quarantined
 

 

 


Edited by NaviLink, 25 September 2013 - 03:30 PM.



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,404 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:27 AM

Posted 02 October 2013 - 10:06 PM

Sorry for the delay
 
Looks pretty good now.
 
In Control Panel, uninstall...
Adobe Reader X (10.1.8) (Version: 10.1.8)
Java 7 Update 25 (Version: 7.0.250)
 
Reboot
 
Reinstall
Adobe Reader XI HERE
Uncheck "Yes, install Google Chrome"
 
Java Version 7 Update 40
Select Windows Offline (32-bit)
 
 
Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 NaviLink


Posted 04 October 2013 - 12:31 AM

Hello boopme,

I've done all those suggestions.

There are two things that have been bugging me for a while.

1) Windows Update cannot be updated; Windows kept saying "Restart your computer to install updates"

Tried MS Fixit "Problems installing recent updates": not fixed

Tried Clean Boot using Configsys: didn't work

2) Loop in sfc /scannow: "There is a system pending which requires a reboot to complete.  Restart Windows and run sfc again."



#4 boopme


Posted 04 October 2013 - 09:07 AM

OK, run this, it will also rerun SFC.

Windows Repair (All In One)
 



#5 NaviLink


Posted 04 October 2013 - 11:12 PM

Okay, I did Windows Repair, but it felt like it didn't help at all. Am I supposed to do anything like check or uncheck? I just went straight to Start Repair.



#6 boopme


Posted 06 October 2013 - 06:10 PM

You should just check them all



#7 NaviLink


Posted 07 October 2013 - 11:42 AM

I scanned it twice and the results are still the same: "Restart Windows and run sfc again." I tried the other method of deleting "pending.xml" (mine was "pending.xml.557.old"), but it still doesn't work.



#8 boopme


Posted 07 October 2013 - 07:28 PM

Hi, sorry, I have been looking and cannot find the solution. Ask about this in the Vista forum. Someone there may have an idea.





