need help removing a Win32/Olmarik.TDL4 trojan on widows 7

11Garrett · September 11, 2012

hi, i need help removing a Win32/Olmarik.TDL4 trojan virus off of widows 7 64-bit. i cant seem to remove it myself

MrCharlie · September 11, 2012

Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs here.....DDS.txt and Attach.txt

<====><====><====><====><====><====><====><====>

Next.......

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

11Garrett · September 11, 2012

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2

Run by Home at 9:49:19 on 2012-09-11

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.3803 [GMT -7:00]

.

AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\svchost.exe -k yksvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe

C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Zune\ZuneLauncher.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\ESET\ESET Smart Security\egui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe

C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\REGSVR32.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/?ilc=1/

uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4300&r=173608109806p04g5v145k45i15262

mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4300&r=173608109806p04g5v145k45i15262

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4300&r=173608109806p04g5v145k45i15262

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: PriceGongBHO Class: {1631550f-191d-4826-b069-d9439253d926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll

BHO: Simppull Toolbar: {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll

BHO: {9d425283-d487-4337-bab6-ab8354a81457} - Search Toolbar

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Updater For Simppull Toolbar: {c4b8bab4-1667-11df-a242-ba9455d89593} - C:\Program Files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No File

TB: Simppull Toolbar: {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll

TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} -

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll

TB: {167D9323-F7CC-48F5-948A-6F012831A69F} - No File

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1

uRun: [JumiController]

uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe -A

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [uVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {483EB14D-AF1C-4951-81B0-4E2B41829FF6} - hxxps://www.select2perform.com/cabs/QOLCheck.ocx

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx

DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: Interfaces\{8726CC45-2584-41F4-8127-C3FB072B6036} : DhcpNameServer = 10.0.0.2

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: PriceGongBHO Class: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll

BHO-X64: PriceGong - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll

BHO-X64: Symantec NCO BHO - No File

BHO-X64: Simppull Toolbar: {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll

BHO-X64: Simppull Toolbar - No File

BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL

BHO-X64: Symantec Intrusion Prevention - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll

BHO-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - Search Toolbar

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Updater For Simppull Toolbar: {C4B8BAB4-1667-11DF-A242-BA9455D89593} - C:\Program Files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll

BHO-X64: Updater For Simppull Toolbar - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO-X64: {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No File

TB-X64: Simppull Toolbar: {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll

TB-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} -

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll

TB-X64: {167D9323-F7CC-48F5-948A-6F012831A69F} - No File

mRun-x64: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe -A

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [uVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRun-x64: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\meannzps.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3007394&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - www.bing.com

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3007394&SearchSource=2&q=

FF - prefs.js: network.proxy.type - 0

FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll

FF - component: C:\Program Files (x86)\PriceGong\2.1.0\FF\components\PriceGongFF.dll

FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_3_6\components\coFFPlgn.dll

FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\components\IPSFFPl.dll

FF - component: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\meannzps.default\extensions\{167d9323-f7cc-48f5-948a-6f012831a69f}\components\RadioWMPCoreGecko19.dll

FF - component: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\meannzps.default\extensions\{167d9323-f7cc-48f5-948a-6f012831a69f}\components\RadioWMPCoreGecko5.dll

FF - component: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\meannzps.default\extensions\{167d9323-f7cc-48f5-948a-6f012831a69f}\components\RadioWMPCoreGecko6.dll

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\npsitesafety.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]

R0 Avgloga;AVG Logging Driver;C:\Windows\system32\DRIVERS\avgloga.sys --> C:\Windows\system32\DRIVERS\avgloga.sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys --> C:\Windows\system32\DRIVERS\epfwwfp.sys [?]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [?]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 avgtp;avgtp;\??\C:\Windows\system32\drivers\avgtpx64.sys --> C:\Windows\system32\drivers\avgtpx64.sys [?]

R1 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]

R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\system32\DRIVERS\EpfwLWF.sys --> C:\Windows\system32\DRIVERS\EpfwLWF.sys [?]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120817.001\IDSviA64.sys [2012-8-17 509088]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1207020.003\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1207020.003\SYMNETS.SYS [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-8-20 5751928]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-8-20 184304]

R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-3-7 913144]

R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-8-29 2369960]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe [2012-6-11 130008]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-12 62208]

R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-10-27 240160]

R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-9-7 722528]

R2 yksvc;Marvell Yukon Service;C:\Windows\System32\svchost.exe -k yksvcs [2009-7-13 20992]

R3 jumi;%Jumi%;C:\Windows\system32\DRIVERS\jumi.sys --> C:\Windows\system32\DRIVERS\jumi.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120811.003\BHDrvx64.sys [2012-8-10 1385120]

S1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-15 135664]

S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-4 655944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-17 250568]

S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS --> C:\Windows\system32\drivers\BVRPMPR5a64.SYS [?]

S3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-15 135664]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-9-5 114144]

S3 mr97310c;CIF Dual-Mode Camera;C:\Windows\system32\DRIVERS\mr97310c.sys --> C:\Windows\system32\DRIVERS\mr97310c.sys [?]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 SrvHsfPCI;SrvHsfPCI;C:\Windows\system32\DRIVERS\VSTBS26.SYS --> C:\Windows\system32\DRIVERS\VSTBS26.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-11-11 306416]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-09-11 16:07:23 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ABCB138D-19E5-4D3D-B837-89A46C49A28C}\mpengine.dll

2012-09-10 19:57:16 -------- d-----w- C:\Users\Home\AppData\Local\{CC2C5AC8-087B-4AA8-BCF1-B6F228173040}

2012-09-10 02:40:36 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-09-08 20:00:31 110080 ----a-r- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\Icon1226A4C5.exe

2012-09-08 20:00:30 110080 ----a-r- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\IconF7A21AF7.exe

2012-09-08 20:00:30 110080 ----a-r- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\IconD7F16134.exe

2012-09-08 20:00:23 -------- d-----w- C:\sh4ldr

2012-09-08 20:00:23 -------- d-----w- C:\Program Files\Enigma Software Group

2012-09-08 17:11:12 -------- d-----w- C:\Users\Home\AppData\Roaming\ESET

2012-09-08 17:11:12 -------- d-----w- C:\Users\Home\AppData\Local\ESET

2012-09-08 17:08:32 -------- d-----w- C:\Program Files\ESET

2012-09-08 06:17:38 -------- d-----w- C:\Users\Home\AppData\Roaming\AVG2013

2012-09-08 06:16:46 -------- d-----w- C:\Users\Home\AppData\Local\AVG Secure Search

2012-09-08 06:16:35 -------- d-----w- C:\Users\Home\AppData\Roaming\TuneUp Software

2012-09-08 06:16:32 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-09-08 06:16:06 31080 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2012-09-08 06:15:56 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-09-08 06:15:56 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-09-08 06:14:39 -------- d-----w- C:\$AVG

2012-09-08 06:14:38 -------- d-----w- C:\ProgramData\AVG2013

2012-09-08 06:13:40 -------- d-----w- C:\Program Files (x86)\AVG

2012-09-08 06:10:20 -------- d-----w- C:\Users\Home\AppData\Local\MFAData

2012-09-08 06:10:20 -------- d-----w- C:\Users\Home\AppData\Local\Avg2013

2012-09-08 06:10:20 -------- d-----w- C:\ProgramData\MFAData

2012-09-08 05:32:47 -------- d-----w- C:\Program Files (x86)\stinger

2012-09-08 00:44:08 -------- d-----w- C:\ProgramData\RegInOut

2012-09-08 00:44:04 -------- d-----w- C:\Windows\RegInOut System Utilities

2012-09-08 00:43:49 -------- d-----w- C:\Program Files (x86)\RegInOut

2012-09-07 23:29:27 499712 ----a-r- C:\Windows\SysWow64\msvcp71.dll

2012-09-07 23:29:27 348160 ----a-r- C:\Windows\SysWow64\msvcr71.dll

2012-09-07 23:29:27 1060864 ----a-r- C:\Windows\SysWow64\MFC71.dll

2012-09-07 23:29:25 -------- d-----w- C:\Program Files (x86)\PTDD Group

2012-09-07 23:28:52 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll

2012-09-07 23:28:52 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll

2012-09-07 23:28:52 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll

2012-09-07 23:28:51 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll

2012-09-07 23:28:51 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe

2012-09-07 23:28:46 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll

2012-09-07 23:28:46 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll

2012-09-07 02:33:34 -------- d-----w- C:\Users\Home\AppData\Roaming\Resource Tuner

2012-09-07 02:33:27 -------- d-----w- C:\Program Files (x86)\Resource Tuner

2012-09-07 01:21:55 -------- d-----w- C:\Users\Home\AppData\Local\NPE

2012-09-06 17:07:26 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-05 06:21:34 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi

2012-09-04 19:54:04 -------- d-----w- C:\ProgramData\AVAST Software

2012-09-04 19:54:04 -------- d-----w- C:\Program Files\AVAST Software

2012-09-04 19:35:27 -------- d-----w- C:\Users\Home\AppData\Roaming\Malwarebytes

2012-09-04 19:35:13 -------- d-----w- C:\ProgramData\Malwarebytes

2012-09-04 19:35:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-08-31 19:48:47 -------- d-----w- C:\Users\Home\AppData\Roaming\Unity

2012-08-30 18:54:28 -------- d-----w- C:\Users\Home\AppData\Local\{04DEBE50-69D6-4992-A3E1-B5D5A648236E}

2012-08-18 18:23:35 -------- d-----w- C:\Users\Home\AppData\Local\{54204FF2-1CFF-4C08-B45D-3A47A452B546}

2012-08-15 23:03:23 503808 ----a-w- C:\Windows\System32\srcore.dll

2012-08-15 23:03:23 43008 ----a-w- C:\Windows\SysWow64\srclient.dll

2012-08-15 23:03:18 751104 ----a-w- C:\Windows\System32\win32spl.dll

2012-08-15 23:03:18 559104 ----a-w- C:\Windows\System32\spoolsv.exe

2012-08-15 23:03:18 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2012-08-15 23:03:17 67072 ----a-w- C:\Windows\splwow64.exe

2012-08-15 23:03:14 59392 ----a-w- C:\Windows\System32\browcli.dll

2012-08-15 23:03:14 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-08-15 23:03:14 136704 ----a-w- C:\Windows\System32\browser.dll

2012-08-15 23:02:48 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-08-15 23:02:47 956928 ----a-w- C:\Windows\System32\localspl.dll

2012-08-13 23:40:52 150880 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

.

==================== Find3M ====================

.

2012-09-07 00:41:36 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-07 00:41:36 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-09-06 17:07:11 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-09-06 17:07:11 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-08-10 11:52:38 199520 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2012-08-10 11:52:34 105312 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys

2012-08-10 11:52:16 40288 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

2012-08-09 20:56:42 230240 ----a-w- C:\Windows\System32\drivers\avgloga.sys

2012-08-09 20:56:34 60768 ----a-w- C:\Windows\System32\drivers\avgidsha.sys

2012-08-09 20:56:20 175968 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 9:58:50.55 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 8/15/2010 9:54:19 PM

System Uptime: 9/11/2012 8:55:31 AM (1 hours ago)

.

Motherboard: Gateway | | RS780

Processor: AMD Phenom II X4 820 Processor | AM2 | 2800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 914 GiB total, 783.13 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is FIXED (NTFS) - 932 GiB total, 867.276 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}

Description: Standard PS/2 Keyboard

Device ID: ACPI\PNP0303\4&2A700557&0

Manufacturer: (Standard keyboards)

Name: Standard PS/2 Keyboard

PNP Device ID: ACPI\PNP0303\4&2A700557&0

Service: i8042prt

.

Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}

Description: Microsoft PS/2 Mouse

Device ID: ACPI\PNP0F03\4&2A700557&0

Manufacturer: Microsoft

Name: Microsoft PS/2 Mouse

PNP Device ID: ACPI\PNP0F03\4&2A700557&0

Service: i8042prt

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: BHDrvx64

Device ID: ROOT\LEGACY_BHDRVX64\0000

Manufacturer:

Name: BHDrvx64

PNP Device ID: ROOT\LEGACY_BHDRVX64\0000

Service: BHDrvx64

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Symantec Iron Driver

Device ID: ROOT\LEGACY_SYMIRON\0000

Manufacturer:

Name: Symantec Iron Driver

PNP Device ID: ROOT\LEGACY_SYMIRON\0000

Service: SymIRON

.

==== System Restore Points ===================

.

RP178: 9/5/2012 7:32:07 PM - Removed RuneScape Launcher 1.2

RP179: 9/6/2012 10:05:51 AM - Installed Java 7 Update 7

RP180: 9/7/2012 4:09:06 PM - Windows Update

RP181: 9/7/2012 4:29:04 PM - Installed PTDD Super Fdisk 1.0

RP182: 9/7/2012 11:13:21 PM - Installed AVG 2013

RP183: 9/7/2012 11:13:54 PM - Installed AVG 2013

RP184: 9/8/2012 12:59:41 PM - Installed SpyHunter

RP185: 9/8/2012 2:24:28 PM - Windows Update

.

==== Installed Programs ======================

.

7-Zip 4.65

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.2 MUI

Advertising Center

AMD DnD V1.0.19

Apple Application Support

Apple Software Update

Audacity 2.0

Backup Manager Advance

Battlefield Play4Free

BSR Screen Recorder 5

CamStudio

Camtasia Studio 7

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CL-Eye Driver

Compatibility Pack for the 2007 Office system

D3DX10

Debut Video Capture Software

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

eBay Worldwide

Floris Mod Pack 2.533

Fraps

Gateway Games

Gateway InfoCentre

Gateway MyBackup

Gateway Photo Frame 4.2.3.10

Gateway Recovery Management

Gateway Registration

Gateway ScreenSaver

Gateway Updater

Gimp 2.6.2 Debug

Google Toolbar for Internet Explorer

Google Update Helper

Identity Card

ImagXpress

Java 7 Update 7

Java Auto Updater

JavaFX 2.1.1

Junk Mail filter update

Killing Floor

LibUSB-Win32-0.1.10.1

LogMeIn Hamachi

Malwarebytes Anti-Malware version 1.62.0.1300

Marvell Miniport Driver

McAfee Security Scan Plus

Mesh Runtime

Microsoft Expression Encoder 4

Microsoft Expression Encoder 4 Screen Capture Codec

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0

Mixxx

Motocross Matchup

Mount & Blade: Warband

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 9 Essentials

Nero ControlCenter

Nero DiscSpeed

Nero DiscSpeed Help

Nero DriveSpeed

Nero DriveSpeed Help

Nero Express Help

Nero InfoTool

Nero InfoTool Help

Nero Installer

Nero Online Upgrade

Nero StartSmart

Nero StartSmart Help

Nero StartSmart OEM

NeroExpress

neroxml

Norton Internet Security

Norton Online Backup

NVIDIA PhysX v8.10.29

ParetoLogic DriverCure

PriceGong 2.1.0

PricePeep for FireFox

PTDD Super Fdisk 1.0

PunkBuster Services

QuickTime

Realtek High Definition Audio Driver

RegInOut System Utilities

Resource Tuner 1.99 R6

RuneScape Launcher 1.2

Search Toolbar

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Simppull Toolbar (Remove Toolbar Only)

Skype Toolbars

Skype™ 5.0

StarCraft II

Steam

Terraria

TurboCAD Deluxe 15

TurboCAD Symbols

Ulead VideoStudio SE DVD

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Welcome Center

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Movie Maker 2.6

WinRAR archiver

.

==== Event Viewer Messages From Past Week ========

.

9/9/2012 9:59:53 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

9/9/2012 9:59:53 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

9/9/2012 9:59:52 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

9/9/2012 9:59:52 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

9/9/2012 9:59:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

9/9/2012 9:59:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

9/9/2012 9:59:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

9/9/2012 9:59:30 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver Avgldx64 Avgmfx64 Avgtdia BHDrvx64 DfsC discache eamonm eeCtrl ehdrv EpfwLWF IDSVia64 MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx Wanarpv6 WfpLwf

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

9/9/2012 9:59:29 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.

9/9/2012 12:27:21 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the NTI IScheduleSvc service to connect.

9/9/2012 12:27:21 PM, Error: Service Control Manager [7000] - The NTI IScheduleSvc service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

9/9/2012 12:02:51 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.

9/9/2012 1:00:49 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

9/9/2012 1:00:49 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

9/8/2012 10:09:25 AM, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

9/7/2012 9:44:13 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

9/7/2012 5:52:08 PM, Error: Service Control Manager [7034] - The avast! Antivirus service terminated unexpectedly. It has done this 3 time(s).

9/7/2012 5:48:36 PM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

9/7/2012 5:38:18 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer CODYHEFLEY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8628632D-6C55-4ABA-9FDD-C7167464361F}. The master browser is stopping or an election is being forced.

9/7/2012 5:33:46 PM, Error: Service Control Manager [7031] - The Windows Event Log service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/7/2012 5:33:46 PM, Error: Service Control Manager [7031] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/7/2012 5:33:46 PM, Error: Service Control Manager [7031] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

9/7/2012 5:33:46 PM, Error: Service Control Manager [7031] - The Security Center service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/7/2012 5:33:46 PM, Error: Service Control Manager [7031] - The HomeGroup Provider service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/7/2012 5:33:46 PM, Error: Service Control Manager [7031] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/7/2012 5:28:08 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 5.161.78.81. The computer with the IP address 5.73.154.88 did not allow the name to be claimed by this computer.

9/7/2012 10:58:31 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

9/7/2012 10:35:26 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

9/7/2012 10:35:00 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi BHDrvx64 discache eeCtrl IDSVia64 MpFilter spldr SRTSPX SymIRON SymNetS Wanarpv6

9/7/2012 10:25:05 PM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

9/6/2012 3:53:35 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DNS Client service, but this action failed with the following error: An instance of the service is already running.

9/6/2012 3:51:35 PM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/6/2012 3:51:35 PM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

9/6/2012 3:51:35 PM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/6/2012 3:51:35 PM, Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/4/2012 9:53:04 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.0.8001.0&sig=11.159.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: Home-PC\Home Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/4/2012 9:53:04 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.0.8001.0&sig=11.159.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: Home-PC\Home Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/4/2012 9:52:54 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.8601.0&avdelta=1.131.2310.0&asdelta=1.131.2310.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: Home-PC\Home Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/4/2012 9:52:54 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.8601.0&avdelta=1.131.2310.0&asdelta=1.131.2310.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: Home-PC\Home Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/4/2012 9:52:44 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

9/4/2012 9:50:31 AM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.131.2310.0;1.131.2310.0 Engine version: 1.1.8601.0

9/4/2012 9:28:23 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: MpFilter

9/4/2012 9:28:22 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007001f Error description: A device attached to the system is not functioning. Reason: The filter driver was unloaded unexpectedly.

9/4/2012 9:28:22 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007001f Error description: A device attached to the system is not functioning. Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

9/4/2012 9:28:22 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x8007001f Error description: A device attached to the system is not functioning. Reason: The filter driver was unloaded unexpectedly.

9/4/2012 9:28:22 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x8007001f Error description: A device attached to the system is not functioning. Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

9/4/2012 12:54:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

9/4/2012 12:42:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 discache eeCtrl IDSVia64 MpFilter spldr SRTSPX SymIRON SymNetS Wanarpv6

9/4/2012 11:21:49 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

9/4/2012 11:21:49 PM, Error: Service Control Manager [7000] - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

9/4/2012 11:21:45 PM, Error: Service Control Manager [7030] - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

9/4/2012 10:05:07 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.436.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.8601.0&avdelta=1.131.2310.0&asdelta=1.131.2310.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.

9/4/2012 10:05:07 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.436.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.8601.0&avdelta=1.131.2310.0&asdelta=1.131.2310.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.

9/11/2012 8:58:40 AM, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.

9/11/2012 8:58:40 AM, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.

9/11/2012 8:56:39 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 SymIRON

9/11/2012 8:56:36 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

9/11/2012 8:56:11 AM, Error: Service Control Manager [7000] - The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: The system cannot find the file specified.

.

==== End Of File ===========================

MrCharlie · September 11, 2012

AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

What's with all these AVs you have installed??

You should only have a anti-virus installed!

~~~~~~~~~~~~~~~

Can you post the log from RogueKiller. MrC

11Garrett · September 13, 2012

do i need to download roguekiller? because i cand find it on my computer

MrCharlie · September 13, 2012

It's in my original post:

http://forums.malwar...ndpost&p=595871

MrC

11Garrett · September 13, 2012

RogueKiller V8.0.3 [09/13/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Home [Admin rights]

Mode : Scan -- Date : 09/13/2012 09:45:18

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤

[TASK][sUSP PATH] {527988B1-10E3-470F-9423-B2871C894598} : C:\Users\Home\Desktop\tdsskiller.exe -> FOUND

[TASK][sUSP PATH] {E43DAF61-1A3D-429E-B177-55E3B9BAA672} : C:\Users\Home\Desktop\tdsskiller.exe -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[sCREENSV][sUSP PATH] HKCU\[...]\Desktop (C:\Users\Home\Desktop\DOWNLO~1\dds.scr) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADS-22M2B0 ATA Device +++++

--- User ---

[MBR] 7872e2a4e65a393f0a8b12a60d04ce88

[bSP] 848584d8be6724882d0cb36cc39d9395 : Acer tatooed MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 17408 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 35653632 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 35858432 | Size: 936345 Mo

User = LL1 ... OK!

User != LL2 ... KO!

--- LL2 ---

[MBR] 2ef7ce266e1649e0c4c0590f5dc093c0

[bSP] 848584d8be6724882d0cb36cc39d9395 : Acer tatooed MBR Code [possible maxSST in 3!]

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 17408 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 35653632 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 35858432 | Size: 936345 Mo

3 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 1953495040 | Size: 10 Mo

+++++ PhysicalDrive1: WD Ext HDD 1021 USB Device +++++

--- User ---

[MBR] 96976590c924abd820802328a7fda027

[bSP] 0f26fc3bed97e67eae4bab9ff31c891b : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953866 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[1].txt >>

RKreport[1].txt

MrCharlie · September 13, 2012

OK, we can't continue until you address all these anti-virus programs you have installed.

http://forums.malwarebytes.org/index.php?showtopic=115649&view=findpost&p=595896

You only need one, more than one cause conflicts and less protection.

Please pick one and uninstall the rest.

I suggest you keep ESET Smart Security 5.2 and uninstall the rest.

MrC

11Garrett · September 13, 2012

alright i uninstalled everything but ESET

MrCharlie · September 13, 2012

Please read the directions carefully so you don't end up deleting something that is good!!

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. There may be 3 logs > so post or attach all of them.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

11Garrett · September 13, 2012

im having a problem TDS killer wont run i even tried to run it as administrator and it still wont run

MrCharlie · September 13, 2012

Please download Listparts64

Run the tool, click Scan and post the log (Result.txt) it makes

MrC

11Garrett · September 13, 2012

ListParts by Farbar Version: 10-08-2012

Ran by Home (administrator) on 13-09-2012 at 12:02:36

Windows 7 (X64)

Running From: C:\Users\Home\Desktop\Downloads

Language: 0409

************************************************************

========================= Memory info ======================

Percentage of memory in use: 33%

Total physical RAM: 5887.3 MB

Available physical RAM: 3927.61 MB

Total Pagefile: 11772.8 MB

Available Pagefile: 9671.51 MB

Total Virtual: 8192 MB

Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: (Gateway) (Fixed) (Total:914.4 GB) (Free:782.5 GB) NTFS

8 Drive j: (Elements) (Fixed) (Total:931.51 GB) (Free:867.28 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 931 GB 0 B

Disk 1 Online 931 GB 0 B

Disk 2 No Media 0 B 0 B

Disk 3 No Media 0 B 0 B

Disk 4 No Media 0 B 0 B

Disk 5 No Media 0 B 0 B

Disk 6 No Media 0 B 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Recovery 17 GB 1024 KB

Partition 2 Primary 100 MB 17 GB

Partition 3 Primary 914 GB 17 GB

Partition 4 Primary 10 MB 931 GB

======================================================================================================

Disk: 0

Partition 1

Type : 27

Hidden: Yes

Active: No

MrCharlie · September 13, 2012

That can't be the complete log, please try it again and post the complete log, MrC

11Garrett · September 13, 2012

ListParts by Farbar Version: 10-08-2012

Ran by Home (administrator) on 13-09-2012 at 12:59:20

Windows 7 (X64)

Running From: C:\Users\Home\Desktop\Downloads

Language: 0409

************************************************************

========================= Memory info ======================

Percentage of memory in use: 35%

Total physical RAM: 5887.3 MB

Available physical RAM: 3819.31 MB

Total Pagefile: 11772.8 MB

Available Pagefile: 9442.33 MB

Total Virtual: 8192 MB

Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: (Gateway) (Fixed) (Total:914.4 GB) (Free:782.44 GB) NTFS

8 Drive j: (Elements) (Fixed) (Total:931.51 GB) (Free:867.28 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 931 GB 0 B

Disk 1 Online 931 GB 0 B

Disk 2 No Media 0 B 0 B

Disk 3 No Media 0 B 0 B

Disk 4 No Media 0 B 0 B

Disk 5 No Media 0 B 0 B

Disk 6 No Media 0 B 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Recovery 17 GB 1024 KB

Partition 2 Primary 100 MB 17 GB

Partition 3 Primary 914 GB 17 GB

Partition 4 Primary 10 MB 931 GB

======================================================================================================

Disk: 0

Partition 1

Type : 27

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 PQSERVICE NTFS Partition 17 GB Healthy Hidden

======================================================================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 SYSTEM RESE NTFS Partition 100 MB Healthy System (partition with boot components)

======================================================================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C Gateway NTFS Partition 914 GB Healthy Boot

======================================================================================================

Disk: 0

Partition 4

Type : 17 (Suspicious Type)

Hidden: Yes

Active: Yes

There is no volume associated with this partition.

======================================================================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 931 GB 1024 KB

======================================================================================================

Disk: 1

Partition 1

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 J Elements NTFS Partition 931 GB Healthy

======================================================================================================

The boot configuration data store could not be opened.

The system cannot find the file specified.

****** End Of Log ******

MrCharlie · September 13, 2012

That's better, what brand computer is this? MrC

11Garrett · September 13, 2012

its a gateway

MrCharlie · September 13, 2012

Looks like you have a hidden partition that's causing the problems, please do this:

Download ListParts64to a USB flash drive.
Plug the USB drive into the infected machine.

Boot your computer into Recovery Environment

Restart the computer and press F8 repeatedly until the Advanced Options Menu appears.
Select Repair your computer.
Select Language and click Next
Enter password (if necessary) and click OK, you should now see the screen below ...

Select the Command Prompt option.
A command window will open.
- Type notepad then hit Enter.
- Notepad will open.
  - Click File > Open then select Computer.
  - Note down the drive letter for your USB Drive.
  - Close Notepad.
[*]Back in the command window ....
- Type e:\listparts.exe and hit Enter (where e: is replaced by the drive letter for your USB drive)
- Type e:\listparts64.exe and hit Enter (where e: is replaced by the drive letter for your USB drive)
- ListParts will start to run.
  - Press the Scan button.
  - When finished scanning it will make a log Result.txt on the flash drive.
[*]Close the command window.
[*]Boot back into normal mode and post me the Result.txt log please.

MrC

MrCharlie · September 14, 2012

If I caught you in time, please try this first:

See if this one runs, Don't update it when prompted:

TDSSKiller.exe

Please read the directions carefully so you don't end up deleting something that is good!!

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

11Garrett · September 15, 2012

09:42:33.0892 0980 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30

09:42:58.0742 0980 ============================================================

09:42:58.0742 0980 Current date / time: 2012/09/15 09:42:58.0742

09:42:58.0742 0980 SystemInfo:

09:42:58.0742 0980

09:42:58.0742 0980 OS Version: 6.1.7601 ServicePack: 1.0

09:42:58.0742 0980 Product type: Workstation

09:42:58.0742 0980 ComputerName: HOME-PC

09:42:58.0742 0980 UserName: Home

09:42:58.0742 0980 Windows directory: C:\Windows

09:42:58.0742 0980 System windows directory: C:\Windows

09:42:58.0742 0980 Running under WOW64

09:42:58.0742 0980 Processor architecture: Intel x64

09:42:58.0742 0980 Number of processors: 4

09:42:58.0742 0980 Page size: 0x1000

09:42:58.0742 0980 Boot type: Normal boot

09:42:58.0742 0980 ============================================================

09:43:01.0160 0980 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000020

09:43:01.0175 0980 Drive \Device\Harddisk1\DR1 - Size: 0x7A00000 (0.12 Gb), SectorSize: 0x200, Cylinders: 0xF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

09:43:01.0175 0980 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

09:43:01.0706 0980 ============================================================

09:43:01.0706 0980 \Device\Harddisk0\DR0:

09:43:01.0706 0980 MBR partitions:

09:43:01.0706 0980 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2200800, BlocksNum 0x32000

09:43:01.0706 0980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2232800, BlocksNum 0x724CCDB0

09:43:01.0706 0980 \Device\Harddisk1\DR1:

09:43:01.0706 0980 MBR partitions:

09:43:01.0706 0980 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x3CFDF

09:43:01.0706 0980 \Device\Harddisk2\DR2:

09:43:01.0721 0980 MBR partitions:

09:43:01.0721 0980 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000

09:43:01.0721 0980 ============================================================

09:43:01.0737 0980 C: <-> \Device\Harddisk0\DR0\Partition1

09:43:01.0768 0980 J: <-> \Device\Harddisk2\DR2\Partition0

09:43:01.0768 0980 ============================================================

09:43:01.0768 0980 Initialize success

09:43:01.0768 0980 ============================================================

09:43:27.0867 2440 ============================================================

09:43:27.0867 2440 Scan started

09:43:27.0867 2440 Mode: Manual; SigCheck; TDLFS;

09:43:27.0867 2440 ============================================================

09:43:30.0347 2440 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

09:43:30.0441 2440 1394ohci - ok

09:43:30.0488 2440 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

09:43:30.0503 2440 ACPI - ok

09:43:30.0534 2440 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

09:43:30.0597 2440 AcpiPmi - ok

09:43:30.0722 2440 AdobeFlashPlayerUpdateSvc (b2b64af436faccfa854dd397027c5360) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

09:43:30.0753 2440 AdobeFlashPlayerUpdateSvc - ok

09:43:30.0800 2440 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

09:43:30.0831 2440 adp94xx - ok

09:43:30.0846 2440 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

09:43:30.0862 2440 adpahci - ok

09:43:30.0878 2440 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

09:43:30.0878 2440 adpu320 - ok

09:43:30.0909 2440 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

09:43:30.0971 2440 AeLookupSvc - ok

09:43:31.0049 2440 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

09:43:31.0096 2440 AFD - ok

09:43:31.0127 2440 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

09:43:31.0143 2440 agp440 - ok

09:43:31.0143 2440 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

09:43:31.0174 2440 ALG - ok

09:43:31.0205 2440 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

09:43:31.0205 2440 aliide - ok

09:43:31.0236 2440 AMD External Events Utility (5989d711769200f0f3e145319250472b) C:\Windows\system32\atiesrxx.exe

09:43:31.0314 2440 AMD External Events Utility - ok

09:43:31.0330 2440 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

09:43:31.0346 2440 amdide - ok

09:43:31.0361 2440 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

09:43:31.0377 2440 AmdK8 - ok

09:43:31.0408 2440 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

09:43:31.0439 2440 AmdPPM - ok

09:43:31.0486 2440 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

09:43:31.0517 2440 amdsata - ok

09:43:31.0548 2440 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

09:43:31.0580 2440 amdsbs - ok

09:43:31.0580 2440 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

09:43:31.0595 2440 amdxata - ok

09:43:31.0642 2440 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

09:43:31.0798 2440 AppID - ok

09:43:31.0829 2440 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

09:43:31.0876 2440 AppIDSvc - ok

09:43:31.0938 2440 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

09:43:32.0016 2440 Appinfo - ok

09:43:32.0110 2440 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

09:43:32.0126 2440 Apple Mobile Device - ok

09:43:32.0172 2440 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

09:43:32.0204 2440 arc - ok

09:43:32.0219 2440 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

09:43:32.0235 2440 arcsas - ok

09:43:32.0360 2440 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

09:43:32.0438 2440 aspnet_state - ok

09:43:32.0469 2440 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

09:43:32.0531 2440 AsyncMac - ok

09:43:32.0562 2440 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

09:43:32.0594 2440 atapi - ok

09:43:32.0640 2440 AtiHdmiService (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys

09:43:32.0718 2440 AtiHdmiService - ok

09:43:32.0937 2440 atikmdag (b5fb227a09a9ec28163fa4b45487c3c7) C:\Windows\system32\DRIVERS\atikmdag.sys

09:43:33.0124 2440 atikmdag - ok

09:43:33.0202 2440 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys

09:43:33.0233 2440 AtiPcie - ok

09:43:33.0311 2440 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

09:43:33.0405 2440 AudioEndpointBuilder - ok

09:43:33.0405 2440 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

09:43:33.0436 2440 AudioSrv - ok

09:43:33.0483 2440 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

09:43:33.0561 2440 AxInstSV - ok

09:43:33.0623 2440 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

09:43:33.0701 2440 b06bdrv - ok

09:43:33.0748 2440 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

09:43:33.0795 2440 b57nd60a - ok

09:43:33.0826 2440 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

09:43:33.0888 2440 BDESVC - ok

09:43:33.0920 2440 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

09:43:33.0982 2440 Beep - ok

09:43:34.0060 2440 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

09:43:34.0154 2440 BFE - ok

09:43:34.0341 2440 BHDrvx64 (e99f59342171101ee2446d0cd1a60a8d) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120811.003\BHDrvx64.sys

09:43:34.0372 2440 BHDrvx64 - ok

09:43:34.0528 2440 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

09:43:34.0590 2440 BITS - ok

09:43:34.0637 2440 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

09:43:34.0668 2440 blbdrive - ok

09:43:34.0762 2440 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

09:43:34.0793 2440 Bonjour Service - ok

09:43:34.0840 2440 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

09:43:34.0902 2440 bowser - ok

09:43:34.0918 2440 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

09:43:34.0949 2440 BrFiltLo - ok

09:43:34.0965 2440 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

09:43:34.0980 2440 BrFiltUp - ok

09:43:35.0027 2440 Browser (05f5a0d14a2ee1d8255c2aa0e9e8e694) C:\Windows\System32\browser.dll

09:43:35.0058 2440 Browser - ok

09:43:35.0074 2440 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

09:43:35.0090 2440 Brserid - ok

09:43:35.0105 2440 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

09:43:35.0136 2440 BrSerWdm - ok

09:43:35.0136 2440 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

09:43:35.0152 2440 BrUsbMdm - ok

09:43:35.0168 2440 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

09:43:35.0183 2440 BrUsbSer - ok

09:43:35.0214 2440 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

09:43:35.0230 2440 BTHMODEM - ok

09:43:35.0261 2440 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

09:43:35.0324 2440 bthserv - ok

09:43:35.0386 2440 BVRPMPR5a64 (9887ca12f407d7fbc7f48f3678f5f0b6) C:\Windows\system32\drivers\BVRPMPR5a64.SYS

09:43:35.0402 2440 BVRPMPR5a64 - ok

09:43:35.0433 2440 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

09:43:35.0526 2440 cdfs - ok

09:43:35.0558 2440 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

09:43:35.0589 2440 cdrom - ok

09:43:35.0636 2440 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

09:43:35.0714 2440 CertPropSvc - ok

09:43:35.0729 2440 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

09:43:35.0760 2440 circlass - ok

09:43:35.0792 2440 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

09:43:35.0823 2440 CLFS - ok

09:43:35.0885 2440 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

09:43:35.0901 2440 clr_optimization_v2.0.50727_32 - ok

09:43:35.0948 2440 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

09:43:35.0963 2440 clr_optimization_v2.0.50727_64 - ok

09:43:36.0072 2440 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

09:43:36.0213 2440 clr_optimization_v4.0.30319_32 - ok

09:43:36.0244 2440 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

09:43:36.0260 2440 clr_optimization_v4.0.30319_64 - ok

09:43:36.0291 2440 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

09:43:36.0322 2440 CmBatt - ok

09:43:36.0353 2440 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

09:43:36.0369 2440 cmdide - ok

09:43:36.0416 2440 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys

09:43:36.0494 2440 CNG - ok

09:43:36.0509 2440 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

09:43:36.0525 2440 Compbatt - ok

09:43:36.0556 2440 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

09:43:36.0603 2440 CompositeBus - ok

09:43:36.0634 2440 COMSysApp - ok

09:43:36.0650 2440 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

09:43:36.0650 2440 crcdisk - ok

09:43:36.0696 2440 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

09:43:36.0728 2440 CryptSvc - ok

09:43:36.0774 2440 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

09:43:36.0884 2440 DcomLaunch - ok

09:43:36.0930 2440 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

09:43:36.0993 2440 defragsvc - ok

09:43:37.0024 2440 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

09:43:37.0118 2440 DfsC - ok

09:43:37.0180 2440 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

09:43:37.0227 2440 Dhcp - ok

09:43:37.0242 2440 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

09:43:37.0274 2440 discache - ok

09:43:37.0305 2440 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

09:43:37.0336 2440 Disk - ok

09:43:37.0367 2440 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

09:43:37.0398 2440 Dnscache - ok

09:43:37.0445 2440 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

09:43:37.0508 2440 dot3svc - ok

09:43:37.0539 2440 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

09:43:37.0586 2440 DPS - ok

09:43:37.0617 2440 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

09:43:37.0617 2440 drmkaud - ok

09:43:37.0695 2440 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

09:43:37.0710 2440 DXGKrnl - ok

09:43:37.0773 2440 eamonm (d00eae9c735a7dee8049e50d73d25434) C:\Windows\system32\DRIVERS\eamonm.sys

09:43:37.0788 2440 eamonm - ok

09:43:37.0820 2440 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

09:43:37.0882 2440 EapHost - ok

09:43:38.0038 2440 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

09:43:38.0147 2440 ebdrv - ok

09:43:38.0272 2440 eeCtrl (4353ff94d47a0a9d52b89eccf0cdb013) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

09:43:38.0381 2440 eeCtrl - ok

09:43:38.0490 2440 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

09:43:38.0537 2440 EFS - ok

09:43:38.0584 2440 ehdrv (e5edde3c8158dd0cbc5812f201dcded0) C:\Windows\system32\DRIVERS\ehdrv.sys

09:43:38.0600 2440 ehdrv - ok

09:43:38.0693 2440 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

09:43:38.0756 2440 ehRecvr - ok

09:43:38.0787 2440 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

09:43:38.0802 2440 ehSched - ok

09:43:38.0958 2440 ekrn (ad4faade819e0da9933bea7c01d2c763) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

09:43:38.0990 2440 ekrn - ok

09:43:39.0083 2440 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

09:43:39.0146 2440 elxstor - ok

09:43:39.0208 2440 emAudio (09cdf93151ae257c40591905975c0e36) C:\Windows\system32\drivers\emAudio64.sys

09:43:39.0255 2440 emAudio - ok

09:43:39.0364 2440 epfw (587f0f4145a1536a6e37efd769b7665f) C:\Windows\system32\DRIVERS\epfw.sys

09:43:39.0395 2440 epfw - ok

09:43:39.0411 2440 EpfwLWF (d2f812358ee8ee23cbb5c4daffb5b819) C:\Windows\system32\DRIVERS\EpfwLWF.sys

09:43:39.0426 2440 EpfwLWF - ok

09:43:39.0458 2440 epfwwfp (34bf55d69ab74d14c7e7a17259cb7df8) C:\Windows\system32\DRIVERS\epfwwfp.sys

09:43:39.0473 2440 epfwwfp - ok

09:43:39.0504 2440 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

09:43:39.0536 2440 ErrDev - ok

09:43:39.0629 2440 esgiguard (df96c3cd6ae15f6d0a6bcb70f9c1e88d) C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys

09:43:39.0645 2440 esgiguard - ok

09:43:39.0692 2440 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

09:43:39.0738 2440 EventSystem - ok

09:43:39.0754 2440 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

09:43:39.0785 2440 exfat - ok

09:43:39.0816 2440 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

09:43:39.0832 2440 fastfat - ok

09:43:39.0957 2440 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

09:43:40.0004 2440 Fax - ok

09:43:40.0097 2440 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

09:43:40.0144 2440 fdc - ok

09:43:40.0175 2440 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

09:43:40.0253 2440 fdPHost - ok

09:43:40.0300 2440 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

09:43:40.0347 2440 FDResPub - ok

09:43:40.0362 2440 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

09:43:40.0378 2440 FileInfo - ok

09:43:40.0425 2440 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

09:43:40.0487 2440 Filetrace - ok

09:43:40.0503 2440 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

09:43:40.0518 2440 flpydisk - ok

09:43:40.0565 2440 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

09:43:40.0565 2440 FltMgr - ok

09:43:40.0877 2440 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

09:43:40.0924 2440 FontCache - ok

09:43:40.0986 2440 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

09:43:41.0002 2440 FontCache3.0.0.0 - ok

09:43:41.0142 2440 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

09:43:41.0142 2440 FsDepends - ok

09:43:41.0205 2440 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

09:43:41.0220 2440 Fs_Rec - ok

09:43:41.0314 2440 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

09:43:41.0330 2440 fvevol - ok

09:43:41.0345 2440 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

09:43:41.0361 2440 gagp30kx - ok

09:43:41.0501 2440 GameConsoleService (551d463e4cceb5240234da6718c93a44) C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe

09:43:41.0517 2440 GameConsoleService - ok

09:43:41.0579 2440 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

09:43:41.0595 2440 GEARAspiWDM - ok

09:43:41.0860 2440 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

09:43:41.0922 2440 gpsvc - ok

09:43:42.0016 2440 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe

09:43:42.0032 2440 Greg_Service - ok

09:43:42.0110 2440 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

09:43:42.0110 2440 gupdate - ok

09:43:42.0156 2440 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

09:43:42.0156 2440 gupdatem - ok

09:43:42.0188 2440 gusvc (5d4bc124faae6730ac002cdb67bf1a1c) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

09:43:42.0203 2440 gusvc - ok

09:43:42.0312 2440 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys

09:43:42.0328 2440 hamachi - ok

09:43:42.0468 2440 Hamachi2Svc (f10c3f2e002100bf8b797dcf283fea7d) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

09:43:42.0500 2440 Hamachi2Svc - ok

09:43:42.0546 2440 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

09:43:42.0562 2440 hcw85cir - ok

09:43:42.0609 2440 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

09:43:42.0640 2440 HdAudAddService - ok

09:43:42.0671 2440 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

09:43:42.0702 2440 HDAudBus - ok

09:43:42.0718 2440 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

09:43:42.0734 2440 HidBatt - ok

09:43:42.0765 2440 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

09:43:42.0796 2440 HidBth - ok

09:43:42.0796 2440 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

09:43:42.0827 2440 HidIr - ok

09:43:42.0843 2440 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

09:43:42.0890 2440 hidserv - ok

09:43:42.0921 2440 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

09:43:42.0936 2440 HidUsb - ok

09:43:42.0968 2440 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

09:43:43.0014 2440 hkmsvc - ok

09:43:43.0046 2440 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

09:43:43.0061 2440 HomeGroupListener - ok

09:43:43.0217 2440 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

09:43:43.0264 2440 HomeGroupProvider - ok

09:43:43.0358 2440 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

09:43:43.0389 2440 HpSAMD - ok

09:43:43.0529 2440 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

09:43:43.0592 2440 HTTP - ok

09:43:43.0638 2440 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

09:43:43.0654 2440 hwpolicy - ok

09:43:43.0748 2440 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

09:43:43.0763 2440 i8042prt - ok

09:43:43.0872 2440 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

09:43:43.0904 2440 iaStorV - ok

09:43:43.0997 2440 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

09:43:44.0044 2440 idsvc - ok

09:43:44.0184 2440 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120817.001\IDSvia64.sys

09:43:44.0184 2440 IDSVia64 - ok

09:43:44.0325 2440 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

09:43:44.0340 2440 iirsp - ok

09:43:44.0403 2440 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

09:43:44.0481 2440 IKEEXT - ok

09:43:44.0606 2440 IntcAzAudAddService (e200f72882c1e4e45fa2c4b66f19f7fb) C:\Windows\system32\drivers\RTKVHD64.sys

09:43:44.0652 2440 IntcAzAudAddService - ok

09:43:44.0715 2440 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

09:43:44.0730 2440 intelide - ok

09:43:44.0746 2440 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

09:43:44.0777 2440 intelppm - ok

09:43:44.0793 2440 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

09:43:44.0840 2440 IPBusEnum - ok

09:43:44.0871 2440 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

09:43:44.0918 2440 IpFilterDriver - ok

09:43:44.0964 2440 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

09:43:45.0027 2440 iphlpsvc - ok

09:43:45.0058 2440 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

09:43:45.0074 2440 IPMIDRV - ok

09:43:45.0074 2440 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

09:43:45.0120 2440 IPNAT - ok

09:43:45.0214 2440 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe

09:43:45.0230 2440 iPod Service - ok

09:43:45.0261 2440 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

09:43:45.0276 2440 IRENUM - ok

09:43:45.0308 2440 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

09:43:45.0308 2440 isapnp - ok

09:43:45.0339 2440 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

09:43:45.0354 2440 iScsiPrt - ok

09:43:45.0401 2440 jumi (ccb39c7006d436d238ac75d2abfde1fe) C:\Windows\system32\DRIVERS\jumi.sys

09:43:45.0417 2440 jumi - ok

09:43:45.0448 2440 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

09:43:45.0448 2440 kbdclass - ok

09:43:45.0495 2440 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

09:43:45.0526 2440 kbdhid - ok

09:43:45.0557 2440 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:43:45.0557 2440 KeyIso - ok

09:43:45.0588 2440 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys

09:43:45.0604 2440 KSecDD - ok

09:43:45.0635 2440 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys

09:43:45.0651 2440 KSecPkg - ok

09:43:45.0666 2440 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

09:43:45.0713 2440 ksthunk - ok

09:43:45.0744 2440 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

09:43:45.0791 2440 KtmRm - ok

09:43:45.0838 2440 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

09:43:45.0885 2440 LanmanServer - ok

09:43:45.0916 2440 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

09:43:45.0963 2440 LanmanWorkstation - ok

09:43:45.0978 2440 libusbd - ok

09:43:46.0010 2440 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

09:43:46.0041 2440 lltdio - ok

09:43:46.0088 2440 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

09:43:46.0119 2440 lltdsvc - ok

09:43:46.0134 2440 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

09:43:46.0166 2440 lmhosts - ok

09:43:46.0197 2440 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

09:43:46.0212 2440 LSI_FC - ok

09:43:46.0228 2440 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

09:43:46.0244 2440 LSI_SAS - ok

09:43:46.0259 2440 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

09:43:46.0259 2440 LSI_SAS2 - ok

09:43:46.0275 2440 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

09:43:46.0275 2440 LSI_SCSI - ok

09:43:46.0353 2440 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

09:43:46.0446 2440 luafv - ok

09:43:46.0571 2440 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe

09:43:46.0587 2440 McComponentHostService - ok

09:43:46.0602 2440 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

09:43:46.0649 2440 Mcx2Svc - ok

09:43:46.0649 2440 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

09:43:46.0665 2440 megasas - ok

09:43:46.0680 2440 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

09:43:46.0680 2440 MegaSR - ok

09:43:46.0727 2440 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

09:43:46.0774 2440 MMCSS - ok

09:43:46.0790 2440 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

09:43:46.0821 2440 Modem - ok

09:43:46.0852 2440 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

09:43:46.0868 2440 monitor - ok

09:43:46.0977 2440 MotioninJoyXFilter (5fec1ff5bb9a1fa5c9cf4544d19d6d5d) C:\Windows\system32\DRIVERS\MijXfilt.sys

09:43:47.0008 2440 MotioninJoyXFilter - ok

09:43:47.0055 2440 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

09:43:47.0055 2440 mouclass - ok

09:43:47.0070 2440 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

09:43:47.0102 2440 mouhid - ok

09:43:47.0133 2440 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

09:43:47.0148 2440 mountmgr - ok

09:43:47.0242 2440 MozillaMaintenance (cb8af049ac9be419a77adae288673359) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

09:43:47.0258 2440 MozillaMaintenance - ok

09:43:47.0320 2440 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

09:43:47.0850 2440 mpio - ok

09:43:47.0866 2440 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

09:43:48.0459 2440 mpsdrv - ok

09:43:48.0786 2440 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

09:43:48.0833 2440 MpsSvc - ok

09:43:48.0927 2440 mr97310c (637650a42fd23947d837053fac789d38) C:\Windows\system32\DRIVERS\mr97310c.sys

09:43:48.0974 2440 mr97310c - ok

09:43:49.0020 2440 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

09:43:49.0067 2440 MRxDAV - ok

09:43:49.0317 2440 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

09:43:49.0379 2440 mrxsmb - ok

09:43:49.0442 2440 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:43:49.0504 2440 mrxsmb10 - ok

09:43:49.0691 2440 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:43:49.0707 2440 mrxsmb20 - ok

09:43:49.0800 2440 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

09:43:49.0816 2440 msahci - ok

09:43:49.0863 2440 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

09:43:49.0878 2440 msdsm - ok

09:43:49.0894 2440 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

09:43:49.0925 2440 MSDTC - ok

09:43:49.0956 2440 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

09:43:50.0003 2440 Msfs - ok

09:43:50.0003 2440 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

09:43:50.0097 2440 mshidkmdf - ok

09:43:50.0144 2440 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

09:43:50.0159 2440 msisadrv - ok

09:43:50.0190 2440 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

09:43:50.0253 2440 MSiSCSI - ok

09:43:50.0253 2440 msiserver - ok

09:43:50.0268 2440 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

09:43:50.0315 2440 MSKSSRV - ok

09:43:50.0331 2440 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

09:43:50.0362 2440 MSPCLOCK - ok

09:43:50.0378 2440 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

09:43:50.0424 2440 MSPQM - ok

09:43:50.0721 2440 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

09:43:50.0768 2440 MsRPC - ok

09:43:50.0799 2440 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

09:43:50.0814 2440 mssmbios - ok

09:43:50.0830 2440 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

09:43:50.0877 2440 MSTEE - ok

09:43:50.0908 2440 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

09:43:50.0939 2440 MTConfig - ok

09:43:50.0986 2440 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

09:43:51.0002 2440 Mup - ok

09:43:51.0189 2440 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

09:43:51.0314 2440 napagent - ok

09:43:51.0360 2440 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

09:43:51.0392 2440 NativeWifiP - ok

09:43:51.0516 2440 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120817.003\ENG64.SYS

09:43:51.0532 2440 NAVENG - ok

09:43:51.0688 2440 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120817.003\EX64.SYS

09:43:51.0750 2440 NAVEX15 - ok

09:43:52.0031 2440 NDIS (760e38053bf56e501d562b70ad796b88) C:\Windows\system32\drivers\ndis.sys

09:43:52.0062 2440 NDIS - ok

09:43:52.0094 2440 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

09:43:52.0125 2440 NdisCap - ok

09:43:52.0187 2440 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

09:43:52.0281 2440 NdisTapi - ok

09:43:52.0343 2440 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

09:43:52.0421 2440 Ndisuio - ok

09:43:52.0499 2440 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

09:43:52.0546 2440 NdisWan - ok

09:43:52.0624 2440 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

09:43:52.0640 2440 NDProxy - ok

09:43:52.0842 2440 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

09:43:52.0920 2440 Nero BackItUp Scheduler 4.0 - ok

09:43:52.0998 2440 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

09:43:53.0061 2440 NetBIOS - ok

09:43:53.0154 2440 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

09:43:53.0217 2440 NetBT - ok

09:43:53.0248 2440 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:43:53.0248 2440 Netlogon - ok

09:43:53.0295 2440 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

09:43:53.0342 2440 Netman - ok

09:43:53.0451 2440 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:43:53.0498 2440 NetMsmqActivator - ok

09:43:53.0513 2440 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:43:53.0529 2440 NetPipeActivator - ok

09:43:53.0560 2440 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

09:43:53.0607 2440 netprofm - ok

09:43:53.0622 2440 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:43:53.0638 2440 NetTcpActivator - ok

09:43:53.0638 2440 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:43:53.0654 2440 NetTcpPortSharing - ok

09:43:53.0685 2440 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

09:43:53.0716 2440 nfrd960 - ok

09:43:53.0919 2440 NIS (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe

09:43:53.0934 2440 NIS - ok

09:43:54.0012 2440 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

09:43:54.0059 2440 NlaSvc - ok

09:43:54.0075 2440 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

09:43:54.0106 2440 Npfs - ok

09:43:54.0122 2440 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

09:43:54.0154 2440 nsi - ok

09:43:54.0163 2440 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

09:43:54.0194 2440 nsiproxy - ok

09:43:54.0303 2440 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

09:43:54.0350 2440 Ntfs - ok

09:43:54.0537 2440 NTI IScheduleSvc (bd691091ac7d9713d8f0b07c6b099e6c) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe

09:43:54.0537 2440 NTI IScheduleSvc - ok

09:43:56.0253 2440 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

09:43:56.0269 2440 NTIDrvr - ok

09:43:56.0300 2440 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

09:43:56.0362 2440 Null - ok

09:43:56.0706 2440 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

09:43:56.0752 2440 nvraid - ok

09:43:56.0815 2440 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

09:43:56.0830 2440 nvstor - ok

09:43:56.0924 2440 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

09:43:56.0955 2440 nv_agp - ok

09:43:57.0033 2440 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

09:43:57.0049 2440 ohci1394 - ok

09:43:57.0220 2440 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:43:57.0250 2440 ose - ok

09:43:59.0992 2440 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

09:44:00.0148 2440 osppsvc - ok

09:44:00.0367 2440 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:44:00.0398 2440 p2pimsvc - ok

09:44:00.0449 2440 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

09:44:00.0459 2440 p2psvc - ok

09:44:01.0119 2440 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

09:44:01.0149 2440 Parport - ok

09:44:01.0219 2440 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

09:44:01.0229 2440 partmgr - ok

09:44:01.0259 2440 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

09:44:01.0289 2440 PcaSvc - ok

09:44:01.0359 2440 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

09:44:01.0369 2440 pci - ok

09:44:01.0409 2440 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

09:44:01.0439 2440 pciide - ok

09:44:01.0749 2440 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

09:44:01.0789 2440 pcmcia - ok

09:44:01.0819 2440 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

09:44:01.0829 2440 pcw - ok

09:44:02.0339 2440 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

09:44:02.0419 2440 PEAUTH - ok

09:44:03.0000 2440 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

09:44:03.0030 2440 PerfHost - ok

09:44:03.0390 2440 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

09:44:03.0460 2440 pla - ok

09:44:03.0580 2440 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

09:44:03.0610 2440 PlugPlay - ok

09:44:04.0050 2440 PnkBstrA - ok

09:44:04.0100 2440 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

09:44:04.0130 2440 PNRPAutoReg - ok

09:44:04.0160 2440 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:44:04.0170 2440 PNRPsvc - ok

09:44:04.0310 2440 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

09:44:04.0360 2440 PolicyAgent - ok

09:44:04.0390 2440 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

09:44:04.0440 2440 Power - ok

09:44:04.0540 2440 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

09:44:04.0590 2440 PptpMiniport - ok

09:44:04.0850 2440 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

09:44:04.0910 2440 Processor - ok

09:44:05.0020 2440 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

09:44:05.0060 2440 ProfSvc - ok

09:44:05.0110 2440 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:44:05.0140 2440 ProtectedStorage - ok

09:44:05.0180 2440 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

09:44:05.0250 2440 Psched - ok

09:44:06.0421 2440 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

09:44:06.0515 2440 ql2300 - ok

09:44:09.0026 2440 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

09:44:09.0073 2440 ql40xx - ok

09:44:09.0120 2440 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

09:44:09.0167 2440 QWAVE - ok

09:44:09.0198 2440 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

09:44:09.0229 2440 QWAVEdrv - ok

09:44:09.0229 2440 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

09:44:09.0276 2440 RasAcd - ok

09:44:09.0354 2440 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

09:44:09.0416 2440 RasAgileVpn - ok

09:44:09.0432 2440 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

09:44:09.0463 2440 RasAuto - ok

09:44:09.0494 2440 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

09:44:09.0525 2440 Rasl2tp - ok

09:44:09.0557 2440 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

09:44:09.0588 2440 RasMan - ok

09:44:09.0619 2440 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

09:44:09.0650 2440 RasPppoe - ok

09:44:09.0697 2440 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

09:44:09.0759 2440 RasSstp - ok

09:44:09.0791 2440 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

09:44:09.0822 2440 rdbss - ok

09:44:09.0853 2440 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

09:44:09.0915 2440 rdpbus - ok

09:44:09.0947 2440 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

09:44:10.0025 2440 RDPCDD - ok

09:44:10.0071 2440 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

09:44:10.0134 2440 RDPENCDD - ok

09:44:10.0165 2440 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

09:44:10.0196 2440 RDPREFMP - ok

09:44:10.0321 2440 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

09:44:10.0352 2440 RDPWD - ok

09:44:10.0461 2440 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

09:44:10.0493 2440 rdyboost - ok

09:44:10.0664 2440 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

09:44:10.0742 2440 RemoteAccess - ok

09:44:10.0789 2440 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

09:44:10.0867 2440 RemoteRegistry - ok

09:44:11.0007 2440 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

09:44:11.0070 2440 RpcEptMapper - ok

09:44:11.0085 2440 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

09:44:11.0117 2440 RpcLocator - ok

09:44:11.0163 2440 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

09:44:11.0226 2440 RpcSs - ok

09:44:11.0304 2440 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

09:44:11.0382 2440 rspndr - ok

09:44:11.0460 2440 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:44:11.0475 2440 SamSs - ok

09:44:11.0553 2440 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

09:44:11.0585 2440 sbp2port - ok

09:44:11.0616 2440 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

09:44:11.0663 2440 SCardSvr - ok

09:44:11.0678 2440 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

09:44:11.0725 2440 scfilter - ok

09:44:12.0021 2440 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

09:44:12.0193 2440 Schedule - ok

09:44:12.0209 2440 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

09:44:12.0240 2440 SCPolicySvc - ok

09:44:12.0333 2440 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

09:44:12.0396 2440 SDRSVC - ok

09:44:12.0505 2440 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

09:44:12.0583 2440 secdrv - ok

09:44:12.0677 2440 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

09:44:12.0755 2440 seclogon - ok

09:44:12.0879 2440 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

09:44:12.0957 2440 SENS - ok

09:44:12.0973 2440 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

09:44:12.0989 2440 SensrSvc - ok

09:44:13.0004 2440 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

09:44:13.0035 2440 Serenum - ok

09:44:13.0051 2440 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

09:44:13.0067 2440 Serial - ok

09:44:13.0098 2440 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

09:44:13.0145 2440 sermouse - ok

09:44:13.0347 2440 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

09:44:13.0457 2440 SessionEnv - ok

09:44:13.0472 2440 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

09:44:13.0535 2440 sffdisk - ok

09:44:13.0581 2440 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

09:44:13.0644 2440 sffp_mmc - ok

09:44:13.0659 2440 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

09:44:13.0706 2440 sffp_sd - ok

09:44:13.0706 2440 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

09:44:13.0722 2440 sfloppy - ok

09:44:13.0769 2440 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

09:44:13.0878 2440 SharedAccess - ok

09:44:14.0096 2440 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

09:44:14.0174 2440 ShellHWDetection - ok

09:44:14.0205 2440 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:44:14.0221 2440 SiSRaid2 - ok

09:44:14.0221 2440 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

09:44:14.0237 2440 SiSRaid4 - ok

09:44:14.0299 2440 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe

09:44:14.0315 2440 SkypeUpdate - ok

09:44:14.0330 2440 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

09:44:14.0361 2440 Smb - ok

09:44:14.0408 2440 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

09:44:14.0424 2440 SNMPTRAP - ok

09:44:14.0439 2440 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

09:44:14.0455 2440 spldr - ok

09:44:14.0939 2440 Spooler (85daa09a98c9286d4ea2ba8d0e644377) C:\Windows\System32\spoolsv.exe

09:44:14.0970 2440 Spooler - ok

09:44:16.0374 2440 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

09:44:16.0483 2440 sppsvc - ok

09:44:16.0764 2440 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

09:44:16.0842 2440 sppuinotify - ok

09:44:17.0778 2440 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS

09:44:17.0840 2440 SRTSP - ok

09:44:17.0887 2440 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS

09:44:17.0903 2440 SRTSPX - ok

09:44:18.0137 2440 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

09:44:18.0199 2440 srv - ok

09:44:18.0230 2440 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

09:44:18.0261 2440 srv2 - ok

09:44:18.0308 2440 SrvHsfPCI (93132c69394a99d992095d8cfe464801) C:\Windows\system32\DRIVERS\VSTBS26.SYS

09:44:18.0355 2440 SrvHsfPCI - ok

09:44:18.0433 2440 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

09:44:18.0511 2440 SrvHsfV92 - ok

09:44:18.0932 2440 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

09:44:18.0979 2440 SrvHsfWinac - ok

09:44:19.0073 2440 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

09:44:19.0104 2440 srvnet - ok

09:44:19.0151 2440 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

09:44:19.0197 2440 SSDPSRV - ok

09:44:19.0338 2440 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

09:44:19.0431 2440 SstpSvc - ok

09:44:19.0509 2440 Steam Client Service - ok

09:44:19.0541 2440 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

09:44:19.0572 2440 stexstor - ok

09:44:19.0634 2440 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

09:44:19.0712 2440 stisvc - ok

09:44:19.0743 2440 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

09:44:19.0759 2440 swenum - ok

09:44:19.0993 2440 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

09:44:20.0087 2440 swprv - ok

09:44:20.0196 2440 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS

09:44:20.0243 2440 SymDS - ok

09:44:20.0305 2440 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS

09:44:20.0352 2440 SymEFA - ok

09:44:20.0399 2440 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

09:44:20.0430 2440 SymEvent - ok

09:44:20.0461 2440 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS

09:44:20.0477 2440 SymIRON - ok

09:44:20.0508 2440 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS

09:44:20.0539 2440 SymNetS - ok

09:44:21.0101 2440 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

09:44:21.0163 2440 SysMain - ok

09:44:21.0272 2440 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

09:44:21.0303 2440 TabletInputService - ok

09:44:21.0350 2440 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

09:44:21.0428 2440 TapiSrv - ok

09:44:21.0444 2440 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

09:44:21.0491 2440 TBS - ok

09:44:21.0631 2440 Tcpip (f782cad3cedbb3f9ffe3bf2775d92ddc) C:\Windows\system32\drivers\tcpip.sys

09:44:21.0709 2440 Tcpip - ok

09:44:21.0818 2440 TCPIP6 (f782cad3cedbb3f9ffe3bf2775d92ddc) C:\Windows\system32\DRIVERS\tcpip.sys

09:44:21.0849 2440 TCPIP6 - ok

09:44:21.0896 2440 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

09:44:21.0959 2440 tcpipreg - ok

09:44:21.0990 2440 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

09:44:22.0021 2440 TDPIPE - ok

09:44:22.0037 2440 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

09:44:22.0083 2440 TDTCP - ok

09:44:22.0115 2440 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

09:44:22.0161 2440 tdx - ok

09:44:22.0193 2440 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

09:44:22.0224 2440 TermDD - ok

09:44:22.0286 2440 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

09:44:22.0380 2440 TermService - ok

09:44:22.0427 2440 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

09:44:22.0473 2440 Themes - ok

09:44:22.0567 2440 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

09:44:22.0629 2440 THREADORDER - ok

09:44:22.0676 2440 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

09:44:22.0739 2440 TrkWks - ok

09:44:22.0941 2440 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

09:44:23.0082 2440 TrustedInstaller - ok

09:44:23.0175 2440 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

09:44:23.0253 2440 tssecsrv - ok

09:44:23.0316 2440 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

09:44:23.0363 2440 TsUsbFlt - ok

09:44:23.0409 2440 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

09:44:23.0487 2440 tunnel - ok

09:44:23.0503 2440 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

09:44:23.0519 2440 uagp35 - ok

09:44:23.0550 2440 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys

09:44:23.0550 2440 UBHelper - ok

09:44:23.0846 2440 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

09:44:23.0940 2440 udfs - ok

09:44:23.0971 2440 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

09:44:23.0987 2440 UI0Detect - ok

09:44:24.0127 2440 UleadBurningHelper (f13da74969897359a88f2a739f54a250) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

09:44:24.0158 2440 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning

09:44:24.0158 2440 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)

09:44:24.0189 2440 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

09:44:24.0205 2440 uliagpkx - ok

09:44:24.0252 2440 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

09:44:24.0283 2440 umbus - ok

09:44:24.0314 2440 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

09:44:24.0345 2440 UmPass - ok

09:44:24.0408 2440 Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

09:44:24.0439 2440 Updater Service - ok

09:44:24.0611 2440 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

09:44:24.0689 2440 upnphost - ok

09:44:24.0782 2440 USB28xxBGA (9494736e4865f9b3a0a525ee9ab0d991) C:\Windows\system32\DRIVERS\emBDA64.sys

09:44:24.0891 2440 USB28xxBGA - ok

09:44:24.0954 2440 USB28xxOEM (612fc1cb117ccf62d3c55488c8aebd82) C:\Windows\system32\DRIVERS\emOEM64.sys

09:44:25.0001 2440 USB28xxOEM - ok

09:44:25.0063 2440 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys

09:44:25.0094 2440 USBAAPL64 - ok

09:44:25.0141 2440 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

09:44:25.0188 2440 usbaudio - ok

09:44:25.0219 2440 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

09:44:25.0235 2440 usbccgp - ok

09:44:25.0281 2440 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

09:44:25.0328 2440 usbcir - ok

09:44:25.0375 2440 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

09:44:25.0406 2440 usbehci - ok

09:44:25.0437 2440 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

09:44:25.0484 2440 usbhub - ok

09:44:25.0500 2440 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys

09:44:25.0531 2440 usbohci - ok

09:44:25.0562 2440 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

09:44:25.0625 2440 usbprint - ok

09:44:25.0656 2440 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

09:44:25.0703 2440 usbscan - ok

09:44:25.0812 2440 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:44:25.0859 2440 USBSTOR - ok

09:44:25.0874 2440 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

09:44:25.0921 2440 usbuhci - ok

09:44:25.0937 2440 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

09:44:25.0999 2440 UxSms - ok

09:44:26.0046 2440 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:44:26.0077 2440 VaultSvc - ok

09:44:26.0093 2440 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

09:44:26.0108 2440 vdrvroot - ok

09:44:26.0295 2440 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

09:44:26.0420 2440 vds - ok

09:44:26.0451 2440 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

09:44:26.0467 2440 vga - ok

09:44:26.0467 2440 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

09:44:26.0514 2440 VgaSave - ok

09:44:26.0545 2440 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

09:44:26.0561 2440 vhdmp - ok

09:44:26.0592 2440 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

09:44:26.0607 2440 viaide - ok

09:44:26.0623 2440 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

09:44:26.0639 2440 volmgr - ok

09:44:26.0701 2440 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

09:44:26.0732 2440 volmgrx - ok

09:44:26.0779 2440 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

09:44:26.0810 2440 volsnap - ok

09:44:26.0841 2440 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

09:44:26.0857 2440 vsmraid - ok

09:44:27.0107 2440 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

09:44:27.0216 2440 VSS - ok

09:44:27.0699 2440 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

09:44:27.0746 2440 vwifibus - ok

09:44:27.0793 2440 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

09:44:27.0840 2440 W32Time - ok

09:44:27.0855 2440 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

09:44:27.0855 2440 WacomPen - ok

09:44:27.0933 2440 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:44:28.0011 2440 WANARP - ok

09:44:28.0027 2440 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:44:28.0043 2440 Wanarpv6 - ok

09:44:28.0339 2440 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

09:44:28.0417 2440 WatAdminSvc - ok

09:44:28.0979 2440 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

09:44:29.0041 2440 wbengine - ok

09:44:32.0567 2440 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

09:44:32.0613 2440 WbioSrvc - ok

09:44:32.0832 2440 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

09:44:32.0879 2440 wcncsvc - ok

09:44:32.0988 2440 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

09:44:33.0019 2440 WcsPlugInService - ok

09:44:33.0175 2440 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

09:44:33.0206 2440 Wd - ok

09:44:33.0284 2440 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

09:44:33.0315 2440 Wdf01000 - ok

09:44:33.0331 2440 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

09:44:33.0347 2440 WdiServiceHost - ok

09:44:33.0362 2440 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

09:44:33.0362 2440 WdiSystemHost - ok

09:44:33.0409 2440 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

09:44:33.0456 2440 WebClient - ok

09:44:33.0487 2440 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

09:44:33.0518 2440 Wecsvc - ok

09:44:33.0549 2440 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

09:44:33.0612 2440 wercplsupport - ok

09:44:33.0627 2440 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

09:44:33.0659 2440 WerSvc - ok

09:44:33.0705 2440 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

09:44:33.0768 2440 WfpLwf - ok

09:44:33.0783 2440 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

09:44:33.0783 2440 WIMMount - ok

09:44:33.0846 2440 WinDefend - ok

09:44:33.0861 2440 WinHttpAutoProxySvc - ok

09:44:33.0908 2440 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

09:44:33.0955 2440 Winmgmt - ok

09:44:34.0064 2440 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

09:44:34.0127 2440 WinRM - ok

09:44:34.0205 2440 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

09:44:34.0251 2440 WinUsb - ok

09:44:34.0688 2440 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

09:44:34.0782 2440 Wlansvc - ok

09:44:34.0907 2440 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

09:44:34.0938 2440 wlcrasvc - ok

09:44:36.0373 2440 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:44:36.0420 2440 wlidsvc - ok

09:44:37.0153 2440 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

09:44:37.0200 2440 WmiAcpi - ok

09:44:37.0512 2440 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

09:44:37.0590 2440 wmiApSrv - ok

09:44:37.0652 2440 WMPNetworkSvc - ok

09:44:37.0886 2440 WMZuneComm (58540037a4a3eeeefa47c84100e1694f) C:\Program Files\Zune\WMZuneComm.exe

09:44:37.0917 2440 WMZuneComm - ok

09:44:37.0949 2440 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

09:44:37.0949 2440 WPCSvc - ok

09:44:38.0120 2440 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

09:44:38.0151 2440 WPDBusEnum - ok

09:44:38.0167 2440 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

09:44:38.0214 2440 ws2ifsl - ok

09:44:38.0229 2440 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

09:44:38.0261 2440 wscsvc - ok

09:44:38.0261 2440 WSearch - ok

09:44:39.0399 2440 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

09:44:39.0509 2440 wuauserv - ok

09:44:39.0992 2440 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

09:44:40.0039 2440 WudfPf - ok

09:44:40.0070 2440 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

09:44:40.0117 2440 WUDFRd - ok

09:44:40.0148 2440 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

09:44:40.0179 2440 wudfsvc - ok

09:44:40.0476 2440 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

09:44:40.0538 2440 WwanSvc - ok

09:44:40.0647 2440 xusb21 (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys

09:44:40.0663 2440 xusb21 - ok

09:44:40.0710 2440 yksvc (ad4617b499f900ebb56b0afab627b243) C:\Windows\System32\yk62x64.dll

09:44:40.0757 2440 yksvc - ok

09:44:40.0788 2440 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys

09:44:40.0835 2440 yukonw7 - ok

09:44:42.0722 2440 ZuneNetworkSvc (d6ef205269c2a584af6b56b9f95010f8) C:\Program Files\Zune\ZuneNss.exe

09:44:42.0956 2440 ZuneNetworkSvc - ok

09:44:43.0081 2440 ZuneWlanCfgSvc (7a565afe58f3822a9e622868e5cc0e5c) C:\Program Files\Zune\ZuneWlanCfgSvc.exe

09:44:43.0128 2440 ZuneWlanCfgSvc - ok

09:44:43.0159 2440 MBR (0x1B8) (70e629b51c16b3c007730c6ae57144c9) \Device\Harddisk0\DR0

09:44:46.0014 2440 \Device\Harddisk0\DR0 - ok

09:44:46.0029 2440 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1

09:44:48.0260 2440 \Device\Harddisk1\DR1 - ok

09:44:48.0260 2440 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2

09:44:48.0432 2440 \Device\Harddisk2\DR2 - ok

09:44:48.0448 2440 Boot (0x1200) (5a06c24c7018e84eed0d8c136fc05337) \Device\Harddisk0\DR0\Partition0

09:44:48.0479 2440 \Device\Harddisk0\DR0\Partition0 - ok

09:44:48.0510 2440 Boot (0x1200) (6b69ee041eb88f1922d428abbf29cad4) \Device\Harddisk0\DR0\Partition1

09:44:48.0541 2440 \Device\Harddisk0\DR0\Partition1 - ok

09:44:48.0557 2440 Boot (0x1200) (a777a6290efd2a75355860eb71e155ec) \Device\Harddisk1\DR1\Partition0

09:44:48.0557 2440 \Device\Harddisk1\DR1\Partition0 - ok

09:44:48.0572 2440 Boot (0x1200) (b4771c7903dfa543dec07d9ee2291d19) \Device\Harddisk2\DR2\Partition0

09:44:48.0572 2440 \Device\Harddisk2\DR2\Partition0 - ok

09:44:48.0572 2440 ============================================================

09:44:48.0572 2440 Scan finished

09:44:48.0572 2440 ============================================================

09:44:48.0588 1232 Detected object count: 1

09:44:48.0588 1232 Actual detected object count: 1

09:44:57.0886 1232 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user

09:44:57.0886 1232 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip

MrCharlie · September 15, 2012

OK, that didn't pickup the infection, you'll have to continue with these instructions:

http://forums.malwarebytes.org/index.php?showtopic=115649&view=findpost&p=596900

MrC

11Garrett · September 15, 2012

ive tried that a few times in the past few days and every time i start windows by pressing f8 and i select the option to clean the computer it goes to a black screen with a loading bar and says "loading widows files" and it just stays there ive let it run for about 4 hours that way and it didnt do anything

MrCharlie · September 16, 2012

Can you try it with your windows cd? MrC

11Garrett · September 19, 2012

the widows cd? as in the windows program cd?

MrCharlie · September 19, 2012

Yes, did the computer come with a Windows CD? MrC

need help removing a Win32/Olmarik.TDL4 trojan on widows 7

Recommended Posts

Link to post

Share on other sites

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information