Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

rkill won't run


  • Please log in to reply
13 replies to this topic

#1 jemcadd

jemcadd

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 31 August 2014 - 07:54 AM

I am able to run rkill in safemode (vista business) but cannot run in normal startup. got the message- problem retrieving enviroment variable: appdata doesn't exist.

also, unhide returns same.

got suggestions?


Edited by hamluis, 01 September 2014 - 10:55 AM.
Moved from Vista to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,372 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:46 PM

Posted 31 August 2014 - 12:13 PM

There are three download options listed here at Bleeping Computer.  These have different names to get around the problem you are experiencing.

 

What sort of problem are you experiencing that has prompted you to run RKill?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 jemcadd

jemcadd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 01 September 2014 - 08:20 AM

A couple of weeks ago AVG found- Java/ClassLoader - and removed it. Since then some programs lose all the custom

settings each reboot, sometimes alot of cpu usage with only one logged in user and no network activity. there has been

intermittent display problems and are probably more to mention.
I wanted to make sure things were clean and was informed of a virus removal procedure that uses rkill, and seneral others in safemode and normal startup. I was not able to run rkill(version 2.6.8.0) or unhide(2.0.0.0) after normal reboot.



#4 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,372 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:46 PM

Posted 01 September 2014 - 08:34 AM

RKill isn't a virus or malware removal program.  It only stops the infections so other programs can run to remove it.
 
Let's try running some scans without it first.

 

 

Please download AdwCleaner and install it.

 
When AdwCleaner opens you will see an image like the one below.
 
adwcleaner11_zps48314883.png
 
Click on Scan to start the scan.
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on OK.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your topic.


Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to have the time to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

  • Click on this link to open ESET OnlineScan in a new window.
  • The ESET Online Scanner page will open, click on Yes, I agree to the trems of use, then click on Start, the scan will now begine.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
mbamreplace_zps3ead4824.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#5 jemcadd

jemcadd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 01 September 2014 - 09:16 AM

FYI
the procedure I followed was:
Delete your Temporary Internet Files
Empty the Recycle Bin
Empty your Temp Files
Turn off System Restore
Reboot in Safe Mode
Run rkill, unhide, tdsskiller, mcafee stinger, my virus protection, superantispyware and malwarebytes antimalware

Reboot (normal)
Update superantispyware, malwarebytes antimalware and avg
Run rkill, unhide, tdsskiller, mcafee stinger, superantispyware, malwarebytes antimalware and my virus protection

 

I had success the first time I did this, but I am still having problems so I tried this again and was not able to run rklii after normal start

 

Here are the MWB logs:
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.08.05.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Joe :: JOE-PC [administrator]

8/5/2014 7:13:49 PM
mbar-log-2014-08-05 (19-13-49).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 308733
Time elapsed: 12 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKLM\SOFTWARE\CLASSES\APPID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE} (Trojan.BHO) -> Delete on reboot. [3f599c26cdae2610e49c531d8181c43c]
HKU\S-1-5-21-643986393-1586831009-223641285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\g043oqxanu (Trojan.FakeAlert) -> Delete on reboot. [dcbc2f93aad177bf600c6f30ad56f010]
HKU\S-1-5-21-643986393-1586831009-223641285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wnxmal (Rogue.SecuritySuite) -> Delete on reboot. [b7e1784a4a31171fc3e633465ca74cb4]

Registry Values Detected: 1
HKU\S-1-5-21-643986393-1586831009-223641285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Shell (Trojan.Agent.RNS) -> Data: explorer.exe,C:\Users\Joe\AppData\Roaming\skype.dat -> Delete on reboot. [c7d1c4fe700b81b524e5aa4bdf24b848]

Registry Data Items Detected: 1
HKU\S-1-5-21-643986393-1586831009-223641285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page (Hijack.Homepage) -> Bad: (file:///C:/Users/Joe/OldDocs/homePage.html) Good: (http://www.Google.com/) -> Replace on reboot. [3d5b586a53282b0be2d367566c98936d]

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.08.23.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Joe :: JOE-PC [administrator]

8/23/2014 7:09:59 AM
mbar-log-2014-08-23 (07-09-59).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 315374
Time elapsed: 11 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKU\S-1-5-21-643986393-1586831009-223641285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page (Hijack.Homepage) -> Bad: (file:///C:/Users/Joe/OldDocs/homePage.html) Good: (http://www.Google.com/) -> Replace on reboot. [207909c0fd7e3afc49fb43953cc8b64a]

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.08.31.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Joe :: JOE-PC [administrator]

8/31/2014 7:07:24 AM
mbar-log-2014-08-31 (07-07-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 316418
Time elapsed: 16 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

Thank you very much and I will run AdwCleaner.



#6 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,372 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:46 PM

Posted 01 September 2014 - 09:32 AM

You have not posted the log for the Eset scan, please do so.

 

Please download Kaspersky's TDSSKiller.
 
Many rootkits target the name TDSSKiller so that it is terminated when you attempt to run it.  Because of this you should rename it to iexplore.exe after you have downloaded it.  To do this, right-click on the TDSSKiller.exe icon and select Rename, after you have changed the name double click on it to launch it.
 
1)  TDSSKiller will display the welcome screen.  You will need to click on Change Parameters.
 
tdss1_zps90132559.png
 
2)  In the new window place a check mark in the Detect TDLFS file system box to enable it, then click on OK.
 
tdss2_zpsabd325a0.png
 
3)  To start the scan click on the Start scan button.
 
tdss3_zps52ccd84c.png
 
4)  TDSSKiller will now scan your computer.
 
tdss4_zps6792a13c.png
 
5)  When the scan is finished it will display screen similar to the one below stating whether an infection was found or not.
 
tdss5_zps98fc5887.png
 
6)  If an infection is found click on the Continue button and TDSSKiller will attempt to clean the infection.  A reboot will be required to completely remove any infection found on your computer.
 
A log will be generated with the results of the scan.  
 
In Windows Vista and Window 7 right click on the Start orb startorb_zps06e1f985.png, then click on the C: drive (this should be the drive which the operating system is on, if it isn't on the C: drive click on the appropriate drive).  Scroll down till you find the file titled iexplore.exe and click on it.
 
In Windows 8 go to Search and type in Computer.  In the box in the left pane click on Computer.  Click on the C: drive (this should be the drive which the operating system is on, if it isn't on the C: drive click on the appropriate drive).  Scroll down till you find the file titled iexplore.exe and click on it.
 
After opening the log please copy it and then paste it in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#7 jemcadd

jemcadd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 01 September 2014 - 10:15 AM

In my previous posts I have indicated that I have run MWB on 8/5, 8/23 and 8/31.Here is the first (post too long for any more) TDSS logs:

 

21:28:45.0099 1960  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:28:45.0099 1960  ============================================================
21:28:45.0099 1960  Current date / time: 2013/05/08 21:28:45.0099
21:28:45.0099 1960  SystemInfo:
21:28:45.0099 1960 
21:28:45.0099 1960  OS Version: 6.0.6002 ServicePack: 2.0
21:28:45.0099 1960  Product type: Workstation
21:28:45.0099 1960  ComputerName: JOE-PC
21:28:45.0115 1960  UserName: Administrator
21:28:45.0115 1960  Windows directory: C:\Windows
21:28:45.0115 1960  System windows directory: C:\Windows
21:28:45.0115 1960  Processor architecture: Intel x86
21:28:45.0115 1960  Number of processors: 2
21:28:45.0115 1960  Page size: 0x1000
21:28:45.0115 1960  Boot type: Safe boot
21:28:45.0115 1960  ============================================================
21:28:45.0505 1960  Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:28:45.0505 1960  ============================================================
21:28:45.0505 1960  \Device\Harddisk0\DR0:
21:28:45.0505 1960  MBR partitions:
21:28:45.0505 1960  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1D2000
21:28:45.0505 1960  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D1D2800, BlocksNum 0x1D1B2000
21:28:45.0505 1960  ============================================================
21:28:45.0536 1960  C: <-> \Device\Harddisk0\DR0\Partition1
21:28:45.0567 1960  D: <-> \Device\Harddisk0\DR0\Partition2
21:28:45.0567 1960  ============================================================
21:28:45.0567 1960  Initialize success
21:28:45.0567 1960  ============================================================
21:29:01.0666 1120  ============================================================
21:29:01.0666 1120  Scan started
21:29:01.0666 1120  Mode: Manual;
21:29:01.0666 1120  ============================================================
21:29:01.0853 1120  ================ Scan system memory ========================
21:29:01.0853 1120  System memory - ok
21:29:01.0853 1120  ================ Scan services =============================
21:29:01.0978 1120  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
21:29:01.0978 1120  ACPI - ok
21:29:02.0025 1120  [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:29:02.0025 1120  AdobeFlashPlayerUpdateSvc - ok
21:29:02.0056 1120  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:29:02.0056 1120  adp94xx - ok
21:29:02.0072 1120  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:29:02.0072 1120  adpahci - ok
21:29:02.0087 1120  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
21:29:02.0087 1120  adpu160m - ok
21:29:02.0103 1120  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:29:02.0103 1120  adpu320 - ok
21:29:02.0119 1120  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:29:02.0119 1120  AeLookupSvc - ok
21:29:02.0134 1120  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
21:29:02.0150 1120  AFD - ok
21:29:02.0150 1120  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:29:02.0150 1120  agp440 - ok
21:29:02.0165 1120  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
21:29:02.0165 1120  aic78xx - ok
21:29:02.0181 1120  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
21:29:02.0181 1120  ALG - ok
21:29:02.0197 1120  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:29:02.0197 1120  aliide - ok
21:29:02.0212 1120  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:29:02.0212 1120  amdagp - ok
21:29:02.0212 1120  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:29:02.0212 1120  amdide - ok
21:29:02.0228 1120  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
21:29:02.0228 1120  AmdK7 - ok
21:29:02.0243 1120  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:29:02.0243 1120  AmdK8 - ok
21:29:02.0259 1120  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
21:29:02.0259 1120  Appinfo - ok
21:29:02.0275 1120  [ 0FE769CAE5855B53C90E23F85E7E89FF ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:29:02.0275 1120  AppMgmt - ok
21:29:02.0290 1120  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
21:29:02.0290 1120  arc - ok
21:29:02.0321 1120  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:29:02.0321 1120  arcsas - ok
21:29:02.0321 1120  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:29:02.0321 1120  AsyncMac - ok
21:29:02.0337 1120  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:29:02.0337 1120  atapi - ok
21:29:02.0353 1120  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:29:02.0353 1120  AudioEndpointBuilder - ok
21:29:02.0368 1120  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:29:02.0368 1120  Audiosrv - ok
21:29:02.0540 1120  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
21:29:02.0618 1120  AVGIDSAgent - ok
21:29:02.0633 1120  [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
21:29:02.0649 1120  AVGIDSDriver - ok
21:29:02.0649 1120  [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
21:29:02.0665 1120  AVGIDSHX - ok
21:29:02.0665 1120  [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
21:29:02.0665 1120  AVGIDSShim - ok
21:29:02.0696 1120  [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
21:29:02.0696 1120  Avgldx86 - ok
21:29:02.0711 1120  [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
21:29:02.0711 1120  Avglogx - ok
21:29:02.0727 1120  [ AF7AA9BA434CD28833A66E90993E8DFD ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
21:29:02.0727 1120  Avgmfx86 - ok
21:29:02.0727 1120  [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
21:29:02.0727 1120  Avgrkx86 - ok
21:29:02.0758 1120  [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
21:29:02.0758 1120  Avgtdix - ok
21:29:02.0774 1120  [ DB61A6ECACD9D84405D2F3E411B25409 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
21:29:02.0774 1120  avgtp - ok
21:29:02.0789 1120  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
21:29:02.0805 1120  avgwd - ok
21:29:02.0821 1120  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:29:02.0821 1120  Beep - ok
21:29:02.0852 1120  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
21:29:02.0852 1120  BFE - ok
21:29:02.0883 1120  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
21:29:02.0899 1120  BITS - ok
21:29:02.0914 1120  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
21:29:02.0914 1120  blbdrive - ok
21:29:02.0930 1120  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:29:02.0930 1120  bowser - ok
21:29:02.0945 1120  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
21:29:02.0945 1120  BrFiltLo - ok
21:29:02.0945 1120  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
21:29:02.0945 1120  BrFiltUp - ok
21:29:02.0961 1120  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
21:29:02.0961 1120  Browser - ok
21:29:02.0977 1120  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
21:29:02.0977 1120  Brserid - ok
21:29:02.0992 1120  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
21:29:02.0992 1120  BrSerWdm - ok
21:29:02.0992 1120  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
21:29:02.0992 1120  BrUsbMdm - ok
21:29:03.0008 1120  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
21:29:03.0008 1120  BrUsbSer - ok
21:29:03.0008 1120  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:29:03.0008 1120  BTHMODEM - ok
21:29:03.0023 1120  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:29:03.0023 1120  cdfs - ok
21:29:03.0039 1120  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:29:03.0039 1120  cdrom - ok
21:29:03.0055 1120  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:29:03.0055 1120  CertPropSvc - ok
21:29:03.0070 1120  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
21:29:03.0070 1120  circlass - ok
21:29:03.0086 1120  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
21:29:03.0101 1120  CLFS - ok
21:29:03.0148 1120  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:29:03.0148 1120  clr_optimization_v2.0.50727_32 - ok
21:29:03.0179 1120  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:29:03.0179 1120  clr_optimization_v4.0.30319_32 - ok
21:29:03.0195 1120  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:29:03.0195 1120  cmdide - ok
21:29:03.0195 1120  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:29:03.0195 1120  Compbatt - ok
21:29:03.0226 1120  [ 4AD85E8C1B15E594AFCCB4F4F46CF1E2 ] CompFilter      C:\Windows\system32\DRIVERS\lvbusflt.sys
21:29:03.0226 1120  CompFilter - ok
21:29:03.0226 1120  COMSysApp - ok
21:29:03.0226 1120  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:29:03.0226 1120  crcdisk - ok
21:29:03.0242 1120  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
21:29:03.0242 1120  Crusoe - ok
21:29:03.0273 1120  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:29:03.0273 1120  CryptSvc - ok
21:29:03.0304 1120  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C ] CSC             C:\Windows\system32\drivers\csc.sys
21:29:03.0304 1120  CSC - ok
21:29:03.0320 1120  [ 0A2095F92F6AE4FE6484D911B0C21E95 ] CscService      C:\Windows\System32\cscsvc.dll
21:29:03.0320 1120  CscService - ok
21:29:03.0351 1120  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:29:03.0351 1120  DcomLaunch - ok
21:29:03.0351 1120  dfeeledn - ok
21:29:03.0382 1120  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:29:03.0382 1120  DfsC - ok
21:29:03.0429 1120  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
21:29:03.0460 1120  DFSR - ok
21:29:03.0476 1120  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
21:29:03.0476 1120  Dhcp - ok
21:29:03.0491 1120  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
21:29:03.0491 1120  disk - ok
21:29:03.0523 1120  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:29:03.0523 1120  Dnscache - ok
21:29:03.0538 1120  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:29:03.0538 1120  dot3svc - ok
21:29:03.0554 1120  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
21:29:03.0554 1120  DPS - ok
21:29:03.0569 1120  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:29:03.0569 1120  drmkaud - ok
21:29:03.0616 1120  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:29:03.0632 1120  DXGKrnl - ok
21:29:03.0632 1120  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
21:29:03.0647 1120  E1G60 - ok
21:29:03.0647 1120  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
21:29:03.0647 1120  EapHost - ok
21:29:03.0679 1120  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
21:29:03.0679 1120  Ecache - ok
21:29:03.0679 1120  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:29:03.0694 1120  elxstor - ok
21:29:03.0725 1120  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
21:29:03.0725 1120  EMDMgmt - ok
21:29:03.0741 1120  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:29:03.0741 1120  ErrDev - ok
21:29:03.0772 1120  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
21:29:03.0772 1120  EventSystem - ok
21:29:03.0772 1120  evjffiti - ok
21:29:03.0788 1120  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
21:29:03.0788 1120  exfat - ok
21:29:03.0803 1120  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:29:03.0803 1120  fastfat - ok
21:29:03.0835 1120  [ DFBA0F60FA301E5B1BFB1403A93EE23E ] Fax             C:\Windows\system32\fxssvc.exe
21:29:03.0835 1120  Fax - ok
21:29:03.0850 1120  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:29:03.0850 1120  fdc - ok
21:29:03.0866 1120  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:29:03.0866 1120  fdPHost - ok
21:29:03.0866 1120  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:29:03.0881 1120  FDResPub - ok
21:29:03.0897 1120  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:29:03.0897 1120  FileInfo - ok
21:29:03.0913 1120  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:29:03.0913 1120  Filetrace - ok
21:29:03.0928 1120  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:29:03.0928 1120  flpydisk - ok
21:29:03.0944 1120  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:29:03.0959 1120  FltMgr - ok
21:29:03.0991 1120  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
21:29:04.0006 1120  FontCache - ok
21:29:04.0084 1120  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:29:04.0084 1120  FontCache3.0.0.0 - ok
21:29:04.0084 1120  fshptrgw - ok
21:29:04.0100 1120  [ D909075FA72C090F27AA926C32CB4612 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
21:29:04.0100 1120  fssfltr - ok
21:29:04.0162 1120  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
21:29:04.0193 1120  fsssvc - ok
21:29:04.0225 1120  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:29:04.0225 1120  Fs_Rec - ok
21:29:04.0240 1120  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:29:04.0240 1120  gagp30kx - ok
21:29:04.0256 1120  [ D556CB79967E92B5CC69686D16C1D846 ] gdrv            C:\Windows\gdrv.sys
21:29:04.0256 1120  gdrv - ok
21:29:04.0271 1120  [ ACE536A519F5A6E4E49117B60DACDA6D ] GEST Service    C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
21:29:04.0271 1120  GEST Service - ok
21:29:04.0303 1120  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:29:04.0303 1120  gpsvc - ok
21:29:04.0349 1120  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:29:04.0349 1120  gupdate - ok
21:29:04.0349 1120  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:29:04.0349 1120  gupdatem - ok
21:29:04.0349 1120  gzqzlltb - ok
21:29:04.0365 1120  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:29:04.0365 1120  HdAudAddService - ok
21:29:04.0396 1120  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:29:04.0396 1120  HDAudBus - ok
21:29:04.0443 1120  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:29:04.0443 1120  HidBth - ok
21:29:04.0459 1120  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:29:04.0459 1120  HidIr - ok
21:29:04.0474 1120  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
21:29:04.0474 1120  hidserv - ok
21:29:04.0490 1120  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:29:04.0490 1120  HidUsb - ok
21:29:04.0521 1120  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:29:04.0521 1120  hkmsvc - ok
21:29:04.0521 1120  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
21:29:04.0521 1120  HpCISSs - ok
21:29:04.0552 1120  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:29:04.0552 1120  HTTP - ok
21:29:04.0568 1120  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
21:29:04.0568 1120  i2omp - ok
21:29:04.0583 1120  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:29:04.0583 1120  i8042prt - ok
21:29:04.0630 1120  [ F79525634B192F5A18DE503568F94EF3 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:29:04.0630 1120  IAANTMON - ok
21:29:04.0661 1120  [ BAABB0301949774A66B955C65319635A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:29:04.0661 1120  iaStor - ok
21:29:04.0677 1120  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
21:29:04.0677 1120  iaStorV - ok
21:29:04.0708 1120  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:29:04.0724 1120  idsvc - ok
21:29:04.0771 1120  [ 23E1BCADABE423C35C19BBDFF10CCE6D ] IHA_MessageCenter C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
21:29:04.0786 1120  IHA_MessageCenter - ok
21:29:04.0786 1120  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:29:04.0786 1120  iirsp - ok
21:29:04.0817 1120  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:29:04.0817 1120  IKEEXT - ok
21:29:04.0864 1120  [ 38D5B498C555403EF637806937AB6639 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
21:29:04.0895 1120  IntcAzAudAddService - ok
21:29:04.0911 1120  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:29:04.0911 1120  intelide - ok
21:29:04.0911 1120  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:29:04.0911 1120  intelppm - ok
21:29:04.0942 1120  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:29:04.0942 1120  IPBusEnum - ok
21:29:04.0942 1120  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:29:04.0942 1120  IpFilterDriver - ok
21:29:04.0973 1120  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:29:04.0973 1120  iphlpsvc - ok
21:29:04.0973 1120  IpInIp - ok
21:29:04.0989 1120  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
21:29:04.0989 1120  IPMIDRV - ok
21:29:04.0989 1120  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
21:29:04.0989 1120  IPNAT - ok
21:29:05.0005 1120  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:29:05.0005 1120  IRENUM - ok
21:29:05.0005 1120  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:29:05.0005 1120  isapnp - ok
21:29:05.0020 1120  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
21:29:05.0020 1120  iScsiPrt - ok
21:29:05.0083 1120  [ 724A6A9AB5E1807665C5DB71C30BFC5F ] ISWKL           C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
21:29:05.0083 1120  ISWKL - ok
21:29:05.0129 1120  [ 57FE873B8246DEF1372503CBC57A7499 ] IswSvc          C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
21:29:05.0145 1120  IswSvc - ok
21:29:05.0161 1120  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
21:29:05.0161 1120  iteatapi - ok
21:29:05.0176 1120  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
21:29:05.0176 1120  iteraid - ok
21:29:05.0192 1120  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:29:05.0192 1120  kbdclass - ok
21:29:05.0207 1120  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:29:05.0207 1120  kbdhid - ok
21:29:05.0223 1120  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
21:29:05.0223 1120  KeyIso - ok
21:29:05.0254 1120  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:29:05.0254 1120  KSecDD - ok
21:29:05.0270 1120  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:29:05.0285 1120  KtmRm - ok
21:29:05.0317 1120  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:29:05.0317 1120  LanmanServer - ok
21:29:05.0332 1120  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:29:05.0332 1120  LanmanWorkstation - ok
21:29:05.0379 1120  [ DFEFF67508D3A9AEB1A85D7B0F513B24 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
21:29:05.0379 1120  LightScribeService - ok
21:29:05.0395 1120  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:29:05.0395 1120  lltdio - ok
21:29:05.0426 1120  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:29:05.0426 1120  lltdsvc - ok
21:29:05.0441 1120  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:29:05.0441 1120  lmhosts - ok
21:29:05.0473 1120  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:29:05.0473 1120  LSI_FC - ok
21:29:05.0473 1120  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:29:05.0488 1120  LSI_SAS - ok
21:29:05.0488 1120  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:29:05.0488 1120  LSI_SCSI - ok
21:29:05.0504 1120  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
21:29:05.0504 1120  luafv - ok
21:29:05.0535 1120  [ BA1347822D01B2D29C14CF09663A6457 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
21:29:05.0535 1120  LVRS - ok
21:29:05.0613 1120  [ E2C99D3B692BA2173114C9DF79313B70 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
21:29:05.0675 1120  LVUVC - ok
21:29:05.0785 1120  [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
21:29:05.0785 1120  McComponentHostService - ok
21:29:05.0816 1120  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:29:05.0816 1120  megasas - ok
21:29:05.0831 1120  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
21:29:05.0831 1120  MegaSR - ok
21:29:05.0847 1120  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
21:29:05.0847 1120  MMCSS - ok
21:29:05.0863 1120  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
21:29:05.0863 1120  Modem - ok
21:29:05.0878 1120  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:29:05.0878 1120  monitor - ok
21:29:05.0878 1120  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:29:05.0878 1120  mouclass - ok
21:29:05.0894 1120  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:29:05.0894 1120  mouhid - ok
21:29:05.0909 1120  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
21:29:05.0909 1120  MountMgr - ok
21:29:05.0909 1120  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:29:05.0909 1120  mpio - ok
21:29:05.0925 1120  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:29:05.0925 1120  mpsdrv - ok
21:29:05.0956 1120  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:29:05.0956 1120  MpsSvc - ok
21:29:05.0972 1120  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
21:29:05.0972 1120  Mraid35x - ok
21:29:05.0972 1120  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:29:05.0972 1120  MRxDAV - ok
21:29:06.0003 1120  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:29:06.0003 1120  mrxsmb - ok
21:29:06.0019 1120  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:29:06.0019 1120  mrxsmb10 - ok
21:29:06.0034 1120  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:29:06.0034 1120  mrxsmb20 - ok
21:29:06.0050 1120  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
21:29:06.0050 1120  msahci - ok
21:29:06.0065 1120  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:29:06.0065 1120  msdsm - ok
21:29:06.0065 1120  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
21:29:06.0065 1120  MSDTC - ok
21:29:06.0112 1120  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:29:06.0112 1120  Msfs - ok
21:29:06.0128 1120  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:29:06.0128 1120  msisadrv - ok
21:29:06.0143 1120  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:29:06.0143 1120  MSiSCSI - ok
21:29:06.0143 1120  msiserver - ok
21:29:06.0159 1120  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:29:06.0159 1120  MSKSSRV - ok
21:29:06.0159 1120  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:29:06.0159 1120  MSPCLOCK - ok
21:29:06.0159 1120  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:29:06.0159 1120  MSPQM - ok
21:29:06.0175 1120  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:29:06.0190 1120  MsRPC - ok
21:29:06.0190 1120  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:29:06.0190 1120  mssmbios - ok
21:29:06.0206 1120  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:29:06.0206 1120  MSTEE - ok
21:29:06.0284 1120  [ 73FA09B84B23A1897809A84F976D5D99 ] msvsmon80       C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe
21:29:06.0315 1120  msvsmon80 - ok
21:29:06.0346 1120  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
21:29:06.0346 1120  Mup - ok
21:29:06.0377 1120  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
21:29:06.0377 1120  napagent - ok
21:29:06.0393 1120  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:29:06.0393 1120  NativeWifiP - ok
21:29:06.0409 1120  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:29:06.0409 1120  NDIS - ok
21:29:06.0440 1120  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:29:06.0440 1120  NdisTapi - ok
21:29:06.0455 1120  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:29:06.0455 1120  Ndisuio - ok
21:29:06.0455 1120  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:29:06.0455 1120  NdisWan - ok
21:29:06.0471 1120  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:29:06.0471 1120  NDProxy - ok
21:29:06.0487 1120  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:29:06.0487 1120  NetBIOS - ok
21:29:06.0502 1120  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
21:29:06.0502 1120  netbt - ok
21:29:06.0502 1120  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
21:29:06.0502 1120  Netlogon - ok
21:29:06.0518 1120  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
21:29:06.0518 1120  Netman - ok
21:29:06.0533 1120  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:29:06.0549 1120  NetMsmqActivator - ok
21:29:06.0549 1120  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:29:06.0549 1120  NetPipeActivator - ok
21:29:06.0565 1120  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
21:29:06.0565 1120  netprofm - ok
21:29:06.0596 1120  [ AEC0AFA7382DDA52AB13D3E033636C74 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
21:29:06.0611 1120  netr28u - ok
21:29:06.0627 1120  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:29:06.0627 1120  NetTcpActivator - ok
21:29:06.0627 1120  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:29:06.0627 1120  NetTcpPortSharing - ok
21:29:06.0643 1120  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:29:06.0643 1120  nfrd960 - ok
21:29:06.0658 1120  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:29:06.0658 1120  NlaSvc - ok
21:29:06.0674 1120  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:29:06.0674 1120  Npfs - ok
21:29:06.0705 1120  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
21:29:06.0705 1120  nsi - ok
21:29:06.0705 1120  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:29:06.0705 1120  nsiproxy - ok
21:29:06.0752 1120  [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:29:06.0752 1120  Ntfs - ok
21:29:06.0767 1120  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
21:29:06.0767 1120  ntrigdigi - ok
21:29:06.0767 1120  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
21:29:06.0767 1120  Null - ok
21:29:06.0830 1120  [ 1F093CC3E11C9DA8B2F899A249A6EB27 ] NVIDIA Performance Driver Service C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
21:29:06.0908 1120  NVIDIA Performance Driver Service - ok
21:29:07.0033 1120  [ 6E7D37BC913A8614DE9A8D05CCAC22A1 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:29:07.0157 1120  nvlddmkm - ok
21:29:07.0173 1120  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:29:07.0173 1120  nvraid - ok
21:29:07.0189 1120  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:29:07.0189 1120  nvstor - ok
21:29:07.0189 1120  [ C8333178D6A92A001EBA6D4ABC5E60C9 ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:29:07.0204 1120  nvsvc - ok
21:29:07.0204 1120  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:29:07.0204 1120  nv_agp - ok
21:29:07.0220 1120  NwlnkFlt - ok
21:29:07.0220 1120  NwlnkFwd - ok
21:29:07.0220 1120  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:29:07.0220 1120  ohci1394 - ok
21:29:07.0251 1120  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
21:29:07.0267 1120  p2pimsvc - ok
21:29:07.0282 1120  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:29:07.0282 1120  p2psvc - ok
21:29:07.0313 1120  [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:29:07.0313 1120  Parport - ok
21:29:07.0360 1120  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:29:07.0360 1120  partmgr - ok
21:29:07.0376 1120  [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
21:29:07.0376 1120  Parvdm - ok
21:29:07.0376 1120  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:29:07.0391 1120  PcaSvc - ok
21:29:07.0407 1120  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
21:29:07.0407 1120  pci - ok
21:29:07.0423 1120  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
21:29:07.0423 1120  pciide - ok
21:29:07.0438 1120  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:29:07.0438 1120  pcmcia - ok
21:29:07.0454 1120  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:29:07.0469 1120  PEAUTH - ok
21:29:07.0516 1120  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
21:29:07.0532 1120  pla - ok
21:29:07.0563 1120  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:29:07.0563 1120  PlugPlay - ok
21:29:07.0579 1120  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
21:29:07.0579 1120  PNRPAutoReg - ok
21:29:07.0594 1120  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
21:29:07.0594 1120  PNRPsvc - ok
21:29:07.0641 1120  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:29:07.0641 1120  PolicyAgent - ok
21:29:07.0657 1120  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:29:07.0657 1120  PptpMiniport - ok
21:29:07.0672 1120  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
21:29:07.0672 1120  Processor - ok
21:29:07.0688 1120  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:29:07.0688 1120  ProfSvc - ok
21:29:07.0688 1120  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:29:07.0688 1120  ProtectedStorage - ok
21:29:07.0719 1120  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
21:29:07.0719 1120  PSched - ok
21:29:07.0750 1120  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:29:07.0766 1120  ql2300 - ok
21:29:07.0781 1120  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:29:07.0781 1120  ql40xx - ok
21:29:07.0797 1120  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
21:29:07.0797 1120  QWAVE - ok
21:29:07.0797 1120  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:29:07.0797 1120  QWAVEdrv - ok
21:29:07.0813 1120  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:29:07.0813 1120  RasAcd - ok
21:29:07.0828 1120  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
21:29:07.0828 1120  RasAuto - ok
21:29:07.0828 1120  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:29:07.0828 1120  Rasl2tp - ok
21:29:07.0859 1120  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
21:29:07.0859 1120  RasMan - ok
21:29:07.0859 1120  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:29:07.0875 1120  RasPppoe - ok
21:29:07.0875 1120  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:29:07.0875 1120  RasSstp - ok
21:29:07.0891 1120  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:29:07.0891 1120  rdbss - ok
21:29:07.0906 1120  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:29:07.0906 1120  RDPCDD - ok
21:29:07.0906 1120  [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
21:29:07.0906 1120  rdpdr - ok
21:29:07.0906 1120  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:29:07.0906 1120  RDPENCDD - ok
21:29:07.0969 1120  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:29:07.0969 1120  RDPWD - ok
21:29:07.0984 1120  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:29:07.0984 1120  RemoteAccess - ok
21:29:07.0984 1120  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:29:07.0984 1120  RemoteRegistry - ok
21:29:08.0015 1120  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
21:29:08.0015 1120  RpcLocator - ok
21:29:08.0031 1120  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
21:29:08.0031 1120  RpcSs - ok
21:29:08.0031 1120  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:29:08.0031 1120  rspndr - ok
21:29:08.0062 1120  [ B7E1C523E2F7787D700766FC78E01F77 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
21:29:08.0062 1120  RTL8169 - ok
21:29:08.0093 1120  [ B85E0D91733D58309B1CBC3A00F5701D ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
21:29:08.0093 1120  RTL8192su - ok
21:29:08.0109 1120  rtzeyzyc - ok
21:29:08.0109 1120  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
21:29:08.0109 1120  SamSs - ok
21:29:08.0125 1120  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:29:08.0125 1120  sbp2port - ok
21:29:08.0140 1120  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:29:08.0140 1120  SCardSvr - ok
21:29:08.0187 1120  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
21:29:08.0187 1120  Schedule - ok
21:29:08.0187 1120  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:29:08.0187 1120  SCPolicySvc - ok
21:29:08.0203 1120  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:29:08.0218 1120  SDRSVC - ok
21:29:08.0218 1120  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:29:08.0218 1120  secdrv - ok
21:29:08.0218 1120  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
21:29:08.0218 1120  seclogon - ok
21:29:08.0234 1120  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
21:29:08.0234 1120  SENS - ok
21:29:08.0265 1120  [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:29:08.0265 1120  Serenum - ok
21:29:08.0281 1120  [ 6D663022DB3E7058907784AE14B69898 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:29:08.0281 1120  Serial - ok
21:29:08.0281 1120  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:29:08.0281 1120  sermouse - ok
21:29:08.0296 1120  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:29:08.0296 1120  SessionEnv - ok
21:29:08.0312 1120  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:29:08.0312 1120  sffdisk - ok
21:29:08.0327 1120  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:29:08.0327 1120  sffp_mmc - ok
21:29:08.0343 1120  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:29:08.0343 1120  sffp_sd - ok
21:29:08.0359 1120  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:29:08.0359 1120  sfloppy - ok
21:29:08.0405 1120  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:29:08.0405 1120  SharedAccess - ok
21:29:08.0437 1120  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:29:08.0452 1120  ShellHWDetection - ok
21:29:08.0468 1120  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:29:08.0468 1120  sisagp - ok
21:29:08.0483 1120  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
21:29:08.0483 1120  SiSRaid2 - ok
21:29:08.0499 1120  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:29:08.0499 1120  SiSRaid4 - ok
21:29:08.0593 1120  [ 0C1B2E3A897397738D9F81CD3D152AF0 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:29:08.0655 1120  Skype C2C Service - ok
21:29:08.0733 1120  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
21:29:08.0733 1120  SkypeUpdate - ok
21:29:08.0795 1120  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
21:29:08.0842 1120  slsvc - ok
21:29:08.0858 1120  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
21:29:08.0858 1120  SLUINotify - ok
21:29:08.0873 1120  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:29:08.0873 1120  Smb - ok
21:29:08.0889 1120  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:29:08.0889 1120  SNMPTRAP - ok
21:29:08.0905 1120  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
21:29:08.0905 1120  spldr - ok
21:29:08.0920 1120  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
21:29:08.0936 1120  Spooler - ok
21:29:08.0951 1120  sprtsvc_verizondm - ok
21:29:08.0983 1120  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:29:08.0983 1120  srv - ok
21:29:09.0014 1120  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:29:09.0014 1120  srv2 - ok
21:29:09.0045 1120  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:29:09.0045 1120  srvnet - ok
21:29:09.0076 1120  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:29:09.0076 1120  SSDPSRV - ok
21:29:09.0092 1120  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:29:09.0092 1120  SstpSvc - ok
21:29:09.0107 1120  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
21:29:09.0107 1120  stisvc - ok
21:29:09.0123 1120  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:29:09.0139 1120  swenum - ok
21:29:09.0154 1120  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
21:29:09.0154 1120  swprv - ok
21:29:09.0170 1120  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
21:29:09.0170 1120  Symc8xx - ok
21:29:09.0185 1120  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
21:29:09.0185 1120  Sym_hi - ok
21:29:09.0201 1120  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
21:29:09.0201 1120  Sym_u3 - ok
21:29:09.0217 1120  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
21:29:09.0217 1120  SysMain - ok
21:29:09.0232 1120  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:29:09.0232 1120  TabletInputService - ok
21:29:09.0248 1120  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:29:09.0248 1120  TapiSrv - ok
21:29:09.0263 1120  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
21:29:09.0263 1120  TBS - ok
21:29:09.0295 1120  [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:29:09.0295 1120  Tcpip - ok
21:29:09.0326 1120  [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
21:29:09.0326 1120  Tcpip6 - ok
21:29:09.0357 1120  [ CD21572F83F7EC6E2C20C465967BEDD9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:29:09.0357 1120  tcpipreg - ok
21:29:09.0388 1120  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:29:09.0388 1120  TDPIPE - ok
21:29:09.0404 1120  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:29:09.0404 1120  TDTCP - ok
21:29:09.0419 1120  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:29:09.0419 1120  tdx - ok
21:29:09.0419 1120  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:29:09.0419 1120  TermDD - ok
21:29:09.0451 1120  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
21:29:09.0451 1120  TermService - ok
21:29:09.0451 1120  tgsrvc_verizondm - ok
21:29:09.0466 1120  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
21:29:09.0466 1120  Themes - ok
21:29:09.0482 1120  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:29:09.0482 1120  THREADORDER - ok
21:29:09.0513 1120  [ E319535A8124F25C1C9C5288CACF3101 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
21:29:09.0513 1120  TomTomHOMEService - ok
21:29:09.0529 1120  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
21:29:09.0529 1120  TrkWks - ok
21:29:09.0560 1120  [ 113384367C3999E084FE156B18C7625E ] TrojanKillerDriver C:\Windows\system32\DRIVERS\gtkdrv.sys
21:29:09.0560 1120  TrojanKillerDriver - ok
21:29:09.0591 1120  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:29:09.0591 1120  TrustedInstaller - ok
21:29:09.0607 1120  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:29:09.0607 1120  tssecsrv - ok
21:29:09.0607 1120  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
21:29:09.0607 1120  tunmp - ok
21:29:09.0622 1120  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:29:09.0622 1120  tunnel - ok
21:29:09.0638 1120  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:29:09.0638 1120  uagp35 - ok
21:29:09.0638 1120  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:29:09.0638 1120  udfs - ok
21:29:09.0669 1120  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:29:09.0669 1120  UI0Detect - ok
21:29:09.0685 1120  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:29:09.0685 1120  uliagpkx - ok
21:29:09.0685 1120  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
21:29:09.0685 1120  uliahci - ok
21:29:09.0700 1120  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
21:29:09.0700 1120  UlSata - ok
21:29:09.0716 1120  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
21:29:09.0716 1120  ulsata2 - ok
21:29:09.0731 1120  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:29:09.0731 1120  umbus - ok
21:29:09.0731 1120  [ 8A66360F38F81E960E2367B428CBD5D9 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:29:09.0747 1120  UmRdpService - ok
21:29:09.0747 1120  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
21:29:09.0747 1120  upnphost - ok
21:29:09.0778 1120  [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:29:09.0778 1120  usbaudio - ok
21:29:09.0778 1120  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:29:09.0778 1120  usbccgp - ok
21:29:09.0794 1120  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:29:09.0794 1120  usbcir - ok
21:29:09.0809 1120  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:29:09.0809 1120  usbehci - ok
21:29:09.0825 1120  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:29:09.0825 1120  usbhub - ok
21:29:09.0841 1120  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:29:09.0841 1120  usbohci - ok
21:29:09.0872 1120  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:29:09.0872 1120  usbprint - ok
21:29:09.0872 1120  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:29:09.0872 1120  usbscan - ok
21:29:09.0887 1120  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:29:09.0887 1120  USBSTOR - ok
21:29:09.0903 1120  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:29:09.0903 1120  usbuhci - ok
21:29:09.0903 1120  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:29:09.0903 1120  usbvideo - ok
21:29:09.0919 1120  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
21:29:09.0919 1120  UxSms - ok
21:29:09.0934 1120  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
21:29:09.0934 1120  vds - ok
21:29:09.0950 1120  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:29:09.0965 1120  vga - ok
21:29:09.0981 1120  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:29:09.0981 1120  VgaSave - ok
21:29:09.0981 1120  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:29:09.0981 1120  viaagp - ok
21:29:09.0997 1120  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
21:29:09.0997 1120  ViaC7 - ok
21:29:09.0997 1120  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
21:29:09.0997 1120  viaide - ok
21:29:10.0012 1120  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:29:10.0012 1120  volmgr - ok
21:29:10.0028 1120  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:29:10.0043 1120  volmgrx - ok
21:29:10.0059 1120  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:29:10.0059 1120  volsnap - ok
21:29:10.0090 1120  [ 2FECBD49AEFC6A64B9EA598B772EF8C9 ] Vsdatant        C:\Windows\system32\DRIVERS\vsdatant.sys
21:29:10.0090 1120  Vsdatant - ok
21:29:10.0137 1120  vsmon - ok
21:29:10.0168 1120  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:29:10.0168 1120  vsmraid - ok
21:29:10.0184 1120  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
21:29:10.0199 1120  VSS - ok
21:29:10.0277 1120  [ 222D84CBE6A428A66A513B339EC633C8 ] vToolbarUpdater14.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
21:29:10.0293 1120  vToolbarUpdater14.2.0 - ok
21:29:10.0324 1120  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
21:29:10.0324 1120  W32Time - ok
21:29:10.0340 1120  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:29:10.0340 1120  WacomPen - ok
21:29:10.0340 1120  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
21:29:10.0340 1120  Wanarp - ok
21:29:10.0340 1120  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:29:10.0340 1120  Wanarpv6 - ok
21:29:10.0371 1120  [ 20B23332885DFB93FE0185362EE811E9 ] wbengine        C:\Windows\system32\wbengine.exe
21:29:10.0387 1120  wbengine - ok
21:29:10.0387 1120  wbpytcpw - ok
21:29:10.0433 1120  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:29:10.0433 1120  wcncsvc - ok
21:29:10.0449 1120  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:29:10.0449 1120  WcsPlugInService - ok
21:29:10.0465 1120  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
21:29:10.0465 1120  Wd - ok
21:29:10.0496 1120  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:29:10.0496 1120  Wdf01000 - ok
21:29:10.0511 1120  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:29:10.0511 1120  WdiServiceHost - ok
21:29:10.0511 1120  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:29:10.0511 1120  WdiSystemHost - ok
21:29:10.0543 1120  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
21:29:10.0543 1120  WebClient - ok
21:29:10.0558 1120  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:29:10.0574 1120  Wecsvc - ok
21:29:10.0574 1120  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:29:10.0574 1120  wercplsupport - ok
21:29:10.0605 1120  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:29:10.0605 1120  WerSvc - ok
21:29:10.0652 1120  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:29:10.0652 1120  WinDefend - ok
21:29:10.0652 1120  WinHttpAutoProxySvc - ok
21:29:10.0699 1120  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:29:10.0699 1120  Winmgmt - ok
21:29:10.0745 1120  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:29:10.0761 1120  WinRM - ok
21:29:10.0792 1120  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:29:10.0808 1120  Wlansvc - ok
21:29:10.0870 1120  [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:29:10.0886 1120  wlidsvc - ok
21:29:10.0917 1120  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:29:10.0917 1120  WmiAcpi - ok
21:29:10.0933 1120  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:29:10.0933 1120  wmiApSrv - ok
21:29:10.0979 1120  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:29:11.0011 1120  WMPNetworkSvc - ok
21:29:11.0026 1120  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:29:11.0026 1120  WPDBusEnum - ok
21:29:11.0089 1120  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:29:11.0104 1120  WPFFontCache_v0400 - ok
21:29:11.0120 1120  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:29:11.0120 1120  ws2ifsl - ok
21:29:11.0135 1120  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
21:29:11.0135 1120  wscsvc - ok
21:29:11.0135 1120  WSearch - ok
21:29:11.0182 1120  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
21:29:11.0213 1120  wuauserv - ok
21:29:11.0229 1120  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:29:11.0229 1120  WudfPf - ok
21:29:11.0245 1120  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:29:11.0245 1120  WUDFRd - ok
21:29:11.0276 1120  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:29:11.0276 1120  wudfsvc - ok
21:29:11.0276 1120  ================ Scan global ===============================
21:29:11.0323 1120  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
21:29:11.0354 1120  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
21:29:11.0369 1120  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
21:29:11.0385 1120  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
21:29:11.0385 1120  [Global] - ok
21:29:11.0385 1120  ================ Scan MBR ==================================
21:29:11.0401 1120  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:29:11.0822 1120  \Device\Harddisk0\DR0 - ok
21:29:11.0837 1120  ================ Scan VBR ==================================
21:29:11.0837 1120  [ F9004ECC7C87C3DB4453EF813450DF46 ] \Device\Harddisk0\DR0\Partition1
21:29:11.0837 1120  \Device\Harddisk0\DR0\Partition1 - ok
21:29:11.0853 1120  [ 447925FBC978AB57347BFB205E10210E ] \Device\Harddisk0\DR0\Partition2
21:29:11.0853 1120  \Device\Harddisk0\DR0\Partition2 - ok
21:29:11.0853 1120  ============================================================
21:29:11.0853 1120  Scan finished
21:29:11.0853 1120  ============================================================
21:29:11.0853 1316  Detected object count: 0
21:29:11.0853 1316  Actual detected object count: 0
21:29:17.0017 1956  Deinitialize success
 

 

I ran AdwCleaner and here is the results. I have not hit the clean button as I (and you) need to review selected items first.

 

# AdwCleaner v3.308 - Report created 01/09/2014 at 10:21:54
# Updated 20/08/2014 by Xplode
# Operating System : Windows Vista ™ Business Service Pack 2 (32 bits)
# Username : Joe - JOE-PC
# Running from : C:\Users\Joe\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater17.1.3

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\safeguard-secure-search.xml
File Found : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\jagvjvr1.default\searchplugins\safeguard-secure-search.xml
File Found : C:\Windows\system32\roboot.exe
Folder Found : C:\AVG Secure Search
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\DomaIQ Uninstaller
Folder Found : C:\Program Files\OApps
Folder Found : C:\Program Files\verizontb
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\ParetoLogic
Folder Found : C:\Users\Administrator\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\Administrator\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Folder Found : C:\Users\Administrator\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found : C:\Users\Administrator\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Administrator\AppData\LocalLow\verizontb
Folder Found : C:\Users\Administrator\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Found : C:\Users\Joe\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\Joe\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Joe\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found : C:\Users\Joe\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Joe\AppData\LocalLow\AVG Security Toolbar
Folder Found : C:\Users\Joe\AppData\LocalLow\verizontb
Folder Found : C:\Users\Joe\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Found : C:\Users\Joe\AppData\Roaming\DriverCure
Folder Found : C:\Users\Joe\AppData\Roaming\ParetoLogic
Folder Found : C:\Windows\system32\SearchProtect

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96673559-E653-4CDC-8923-F89347A952C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8D96645-337C-419B-8792-B6C126145811}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96673559-E653-4CDC-8923-F89347A952C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8D96645-337C-419B-8792-B6C126145811}
Key Found : HKCU\Software\ParetoLogic
Key Found : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{96673559-E653-4CDC-8923-F89347A952C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F8D96645-337C-419B-8792-B6C126145811}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D8AEB1D-4ED4-44AC-A039-4775B2575DB0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\LevelQualityWatcher
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96673559-E653-4CDC-8923-F89347A952C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8D96645-337C-419B-8792-B6C126145811}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Found : HKLM\SOFTWARE\ParetoLogic
Key Found : HKLM\SOFTWARE\PIP
Key Found : HKLM\SOFTWARE\Supreme Savings
Key Found : HKLM\SOFTWARE\Uniblue
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F8D96645-337C-419B-8792-B6C126145811}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16563

*************************

AdwCleaner[R0].txt - [15716 octets] - [01/09/2014 10:21:54]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15777 octets] ##########

 

 

I am currently running ESET...
 


Edited by jemcadd, 01 September 2014 - 10:21 AM.


#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,372 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:46 PM

Posted 01 September 2014 - 10:41 AM

It would appear that Malwarebytes was successful in removing the Trojans you have.  So far it looks like it may be clean now, but I will wait to see the Eset online scan before saying it is clean. 


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#9 jemcadd

jemcadd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 01 September 2014 - 11:11 AM

! have not hit the clean button on AdwCleaner yet. ESET is 95% complete. Should I quit AdwCleaner and wait for ESET and run Adw again?



#10 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,372 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:46 PM

Posted 01 September 2014 - 11:23 AM

If AdwCleaner is still running, let the Eset scan finish and then press the clean button on the AdwCleaner.

 

You should read and follow the instruction posted, you should have pressed the Clean button before running the Eset scan.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#11 jemcadd

jemcadd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 01 September 2014 - 12:22 PM

Thank you again for your patience.

 

Here is the ESET log:

 

C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.11\escortShld.dll Win32/Toolbar.Montiera.J potentially unwanted application deleted - quarantined
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.11\uninstall.exe Win32/Toolbar.Montiera.B potentially unwanted application deleted - quarantined
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmApp.dll a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted (after the next restart) - quarantined
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmEng.dll probably a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted (after the next restart) - quarantined
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmsrv.exe a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmTlbr.dll a variant of Win32/Toolbar.Montiera.F potentially unwanted application deleted - quarantined
C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.11\bh\zonealarm.dll a variant of Win32/Toolbar.Escort.A potentially unwanted application deleted (after the next restart) - quarantined
C:\Program Files\CheckPoint\Install\CUninstallerZA.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Program Files\CheckPoint\Install\zatb.exe Win32/Toolbar.Montiera.I potentially unwanted application deleted - quarantined
C:\Program Files\DomaIQ Uninstaller\DomaIQUninstall.exe probably a variant of MSIL/DomaIQ.A potentially unwanted application deleted - quarantined
C:\Program Files\UnfriendApp\IE\common.dll a variant of Win32/ExFriendAlert.B potentially unwanted application deleted - quarantined
C:\Program Files\Verizon\VzDownloadManager\Installers\verizonTb_6.0.0.40.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
C:\Program Files\verizontb\verizonDx.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application deleted - quarantined
C:\Program Files\verizontb\verizontb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.5.61267_0\plugin\gc_getcid.dll Win32/ExFriendAlert.A potentially unwanted application deleted - quarantined
C:\Users\Administrator\Downloads\ARO2013_tbt.exe a variant of Win32/Systweak potentially unwanted application deleted - quarantined
C:\Users\Administrator\Downloads\zafwSetupWeb_110_000_504.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Joe\Documents\RCA easyRip\install\RCAeasyRipInstaller.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\Users\Joe\Documents\RCA easyRip\install\RCAEASYRIPINSTALLER2390.EXE a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\Windows\System32\roboot.exe a variant of Win32/Systweak.A potentially unwanted application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.5.61267_0\plugin\gc_getcid.dll Win32/ExFriendAlert.A potentially unwanted application deleted - quarantined
Operating memory a variant of Win32/Toolbar.Escort.A potentially unwanted application contained infected files
 



#12 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,372 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:46 PM

Posted 01 September 2014 - 12:41 PM

I think it is safe to say that the computer is clean.

 

There is one more thing I want you to do, clean your temp files.

 

Please download Temp File Cleaner by Old Timer and save it to your desktop.
 
1. Save any unsaved work. (TFC will close ALL open programs including your browser!)
 
2. Double-click on TFC.exe to run it. (If you are using Vista or Windows 7, right-click on the file and choose "Run As Administrator".)
 
3. Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
 
Important! If TFC prompts you to reboot, please do so immediately. If you are not prompted, manually reboot the machine to ensure a completion.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#13 jemcadd

jemcadd
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 01 September 2014 - 02:56 PM

Done

 

Thanks again Dan, my frustration level is lowering.

 

Joe



#14 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,372 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:46 PM

Posted 02 September 2014 - 06:38 AM

Let us know if there are any further problems.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users