
Thread: Win32.downloader.gen - Need OCD's help (MK) Part 1

  1. #1
    Junior Member
    Join Date
    Jan 2009
    Posts
    6


    Hello OCD,

    My original thread was closed. Since I travel, I can't get back to my PC within three days, so please keep this thread open for 10 days. Thank you.

    Your requested items will follow. (Part 1 of 2)

    1. I deleted Reimage as requested.

    2. A fresh OTL.txt file follows.

    3. AdwCleaner[S1].txt - I followed your instructions; however, when I clicked on the blue link you provided labeled "AdwCleaner", it brought me to a page that downloaded Reimage Repair. When I ran the scan the results showed problems but the fix was only available if I purchased their program. No .txt file resulted. I'm confused. I thought Reimage Repair was one of the files you strongly recommended I uninstall for my PC.

    4. TDSSKiller.2.8.16.0_02.06.2013_16.57.05_log.txt file follows.

    Also since this is a New Thread, a fresh DDS and MBR will follow.

    *********************************************************************************************************************


    OTL.txt


    OTL logfile created on: 7/13/2013 4:24:26 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Road King\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.49 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 68.06% Memory free
    7.16 Gb Paging File | 6.15 Gb Available in Paging File | 85.95% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 120.01 Gb Total Space | 42.14 Gb Free Space | 35.11% Space Free | Partition Type: NTFS
    Drive D: | 112.88 Gb Total Space | 28.89 Gb Free Space | 25.59% Space Free | Partition Type: NTFS

    Computer Name: ROADKING-LT | User Name: Road King | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Google Inc.)
    PRC - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe (Reimage®)
    PRC - C:\Users\Road King\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
    PRC - C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)
    PRC - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    PRC - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
    PRC - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    PRC - C:\Program Files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsvchst.exe (Symantec Corporation)
    PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
    PRC - C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
    PRC - C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe ()
    PRC - C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe ()
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    PRC - C:\Program Files\CyberLink\PCM4Everio\EverioService.exe (CyberLink Corp.)
    PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    PRC - C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
    PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
    PRC - C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
    PRC - C:\Windows\sttray.exe (SigmaTel, Inc.)
    PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
    PRC - C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
    PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    PRC - C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59375bfcbdf9a51a963b71c10f6204d4\System.Runtime.Remoting.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\d8f9327ccf9ae9cd853d9f9c6c8807bc\System.Web.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\e3cc2cbffd5fb21da64e93d9b6c27c7c\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
    MOD - C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe ()
    MOD - C:\Program Files\CyberLink\PCM4Everio\Kernel\common\CLEverioDetector.dll ()
    MOD - C:\Windows\System32\igfxTMM.dll ()
    MOD - C:\Windows\System32\bcmwlrmt.dll ()
    MOD - C:\Program Files\Dell\QuickSet\dadkeyb.dll ()
    MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
    MOD - C:\Windows\System32\btwhidcs.dll ()


    ========== Services (SafeList) ==========

    SRV - (ReimageRealTimeProtection) -- C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe (Reimage®)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
    SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (N360) -- C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation)
    SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
    SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)
    SRV - (AntiSpywareService) -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe ()
    SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
    SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found
    DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
    DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
    DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
    DRV - (cpuz134) -- C:\Users\ROADKI~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys File not found
    DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
    DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx86.sys (Symantec Corporation)
    DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130712.016\NAVEX15.SYS (Symantec Corporation)
    DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130712.016\NAVENG.SYS (Symantec Corporation)
    DRV - (SymEFA) -- C:\Windows\System32\drivers\N360\1403010.016\symefa.sys (Symantec Corporation)
    DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
    DRV - (SRTSP) -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.sys (Symantec Corporation)
    DRV - (SRTSPX) -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.sys (Symantec Corporation)
    DRV - (SymDS) -- C:\Windows\System32\drivers\N360\1403010.016\symds.sys (Symantec Corporation)
    DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
    DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130712.001\IDSvix86.sys (Symantec Corporation)
    DRV - (ccSet_N360) -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.sys (Symantec Corporation)
    DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
    DRV - (SymIRON) -- C:\Windows\System32\drivers\N360\1403010.016\ironx86.sys (Symantec Corporation)
    DRV - (SYMTDIv) -- C:\Windows\System32\drivers\N360\1403010.016\symtdiv.sys (Symantec Corporation)
    DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
    DRV - (SMSIVZAM5) -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys (Smith Micro Inc.)
    DRV - (NWUSBCDFIL) -- C:\Windows\System32\drivers\NwUsbCdFil.sys (Novatel Wireless Inc.)
    DRV - (NWADI) -- C:\Windows\System32\drivers\NWADIenum.sys (Novatel Wireless Inc)
    DRV - (NWUSBPort2) -- C:\Windows\System32\drivers\nwusbser2.sys (Novatel Wireless Inc.)
    DRV - (NWUSBPort) -- C:\Windows\System32\drivers\nwusbser.sys (Novatel Wireless Inc.)
    DRV - (NWUSBModem) -- C:\Windows\System32\drivers\nwusbmdm.sys (Novatel Wireless Inc.)
    DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
    DRV - (OEM02Dev) -- C:\Windows\System32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
    DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
    DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
    DRV - (OEM02Vfx) -- C:\Windows\System32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
    DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
    DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
    DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
    DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Road King\Desktop
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
    IE - HKCU\..\SearchScopes,DefaultScope = {56FB5B01-5992-4DB0-AFF6-B49D177C0A1F}
    IE - HKCU\..\SearchScopes\{56FB5B01-5992-4DB0-AFF6-B49D177C0A1F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MS8TDF&pc=MS8TDF&src=IE-SearchBox
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Road King\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll (Move Networks)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Road King\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll (Move Networks)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/18 22:30:27 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/07/13 15:58:08 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013/07/13 15:02:31 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/19 11:47:30 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/01/19 11:47:30 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/18 22:30:27 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Road King\AppData\Roaming\Move Networks [2010/08/21 22:28:37 | 000,000,000 | ---D | M]

    [2008/08/03 15:34:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Road King\AppData\Roaming\Mozilla\Extensions
    [2008/08/03 15:34:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Road King\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com

    ========== Chrome ==========

    CHR - Extension: No name found = C:\Users\Road King\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: No name found = C:\Users\Road King\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: No name found = C:\Users\Road King\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
    CHR - Extension: No name found = C:\Users\Road King\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
    CHR - Extension: No name found = C:\Users\Road King\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\
    CHR - Extension: No name found = C:\Users\Road King\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\
    CHR - Extension: No name found = C:\Users\Road King\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2009/01/02 22:56:58 | 000,290,820 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 10017 more lines...
    O2 - BHO: (Updater For Comcast Toolbar 3.5) - {164d3751-cac6-4a6d-becd-ea67df61d232} - C:\Program Files\comcasttb\auxi\comcastAu.dll (Visicom Media)
    O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    O2 - BHO: (Comcast Toolbar 3.5) - {4E77EDAD-9566-4089-88D1-C81498CEE770} - C:\Program Files\comcasttb\comcasttb.dll (Visicom Media Inc)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll File not found
    O2 - BHO: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
    O2 - BHO: (Advertising Cookie Opt-out) - {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} - C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll (Google Inc)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKLM\..\Toolbar: (Comcast Toolbar 3.5) - {4E77EDAD-9566-4089-88D1-C81498CEE770} - C:\Program Files\comcasttb\comcasttb.dll (Visicom Media Inc)
    O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
    O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [EverioService] C:\Program Files\CyberLink\PCM4Everio\EverioService.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
    O4 - HKLM..\Run: [OtShot] C:\Program Files\OtShot\otshot.exe -minimize File not found
    O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
    O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
    O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
    O4 - HKCU..\Run: [DW7] "C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe" File not found
    O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - Startup: C:\Users\Road King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.11.2)
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.11.2)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B868A5B-0DF3-4112-9BBE-C9654C0D1DA6}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7B6EB6E-E9F9-456E-B3D9-AD0448FB6F5E}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Road King\Louanne's Pictures\image014[1].jpg
    O24 - Desktop BackupWallPaper: C:\Users\Road King\Louanne's Pictures\image014[1].jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{330e082c-3d64-11dd-99b4-001c26dfceb0}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
    O33 - MountPoints2\{6bc5bbf6-ffbf-11dd-b986-001c26dfceb0}\Shell - "" = AutoRun
    O33 - MountPoints2\{6bc5bbf6-ffbf-11dd-b986-001c26dfceb0}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\{7924c0d1-6189-11dd-a3e0-001c26dfceb0}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe
    O33 - MountPoints2\{7f882695-b00c-11e0-a580-001c23f8811a}\Shell - "" = AutoRun
    O33 - MountPoints2\{7f882695-b00c-11e0-a580-001c23f8811a}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe /z detect
    O33 - MountPoints2\{a0858a41-d269-11e0-b554-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{a0858a41-d269-11e0-b554-806e6f6e6963}\Shell\AutoRun\command - "" = G:\VZAccess_Manager.exe /z detect
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\VZAccess_Manager.exe /z detect
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/07/13 16:18:47 | 000,000,000 | ---D | C] -- C:\Users\Road King\Desktop\Original Logs
    [2013/07/13 16:02:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
    [2013/07/13 16:02:48 | 000,000,000 | ---D | C] -- C:\rei
    [2013/07/13 16:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
    [2013/07/13 15:52:32 | 000,000,000 | ---D | C] -- C:\_OTL
    [2013/07/12 18:21:26 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2013/07/12 18:21:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2013/07/12 18:21:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2013/07/12 18:21:24 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2013/07/12 18:21:24 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2013/07/12 18:21:23 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2013/07/12 18:21:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2013/07/12 18:21:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2013/07/10 17:37:13 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2013/07/10 17:37:04 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
    [2013/07/10 17:37:03 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
    [2013/07/10 17:37:03 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
    [2013/07/10 17:37:03 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
    [2013/07/10 17:37:03 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
    [2013/07/10 17:37:03 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
    [2013/07/10 17:37:03 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
    [2013/07/10 17:37:03 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
    [2013/07/10 17:37:03 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
    [2013/07/10 17:37:02 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
    [2013/06/30 18:37:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Road King\Desktop\OTL.exe
    [2013/06/16 21:42:00 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Road King\Desktop\aswMBR.exe
    [2013/06/16 21:35:08 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Road King\Desktop\dds.scr
    [2013/06/16 21:34:29 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2013/06/16 21:33:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    [2013/06/16 21:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2013/06/16 21:32:42 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Road King\Desktop\erunt-setup.exe
    [2013/06/15 23:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/06/15 23:00:23 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2013/06/15 22:00:25 | 000,000,000 | ---D | C] -- C:\Users\Road King\AppData\Local\WinZip
    [2013/06/15 21:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
    [2013/06/15 21:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
    [12 C:\Users\Road King\Documents\*.tmp files -> C:\Users\Road King\Documents\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [1 C:\Users\Road King\*.tmp files -> C:\Users\Road King\*.tmp -> ]
    [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/07/13 16:30:17 | 000,644,800 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2013/07/13 16:30:17 | 000,120,822 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2013/07/13 16:23:14 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/07/13 16:23:12 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Road King.job
    [2013/07/13 16:22:59 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/07/13 16:22:59 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/07/13 16:22:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/07/13 16:21:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
    [2013/07/13 16:12:35 | 000,000,162 | ---- | M] () -- C:\Windows\Reimage.ini
    [2013/07/13 16:02:49 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
    [2013/07/13 15:59:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/07/13 15:50:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/07/13 12:56:25 | 000,000,930 | ---- | M] () -- C:\Users\Road King\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
    [2013/07/13 12:56:25 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/07/13 12:25:15 | 000,264,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2013/07/08 19:32:42 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Road King.job
    [2013/06/30 18:37:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Road King\Desktop\OTL.exe
    [2013/06/30 18:11:16 | 000,890,988 | ---- | M] () -- C:\Users\Road King\Desktop\SecurityCheck.exe
    [2013/06/22 21:24:00 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Road King.job
    [2013/06/16 21:43:29 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Road King\Desktop\aswMBR.exe
    [2013/06/16 21:35:08 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Road King\Desktop\dds.scr
    [2013/06/16 21:33:32 | 000,000,913 | ---- | M] () -- C:\Users\Road King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2013/06/16 21:33:23 | 000,000,714 | ---- | M] () -- C:\Users\Road King\Desktop\ERUNT.lnk
    [2013/06/16 21:32:49 | 000,006,324 | ---- | M] () -- C:\Users\Road King\AppData\Local\d3d9caps.dat
    [2013/06/16 21:32:47 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Road King\Desktop\erunt-setup.exe
    [2013/06/15 21:59:51 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
    [2013/06/15 21:59:51 | 000,001,800 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
    [12 C:\Users\Road King\Documents\*.tmp files -> C:\Users\Road King\Documents\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [1 C:\Users\Road King\*.tmp files -> C:\Users\Road King\*.tmp -> ]
    [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/07/13 16:02:49 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
    [2013/07/13 12:56:25 | 000,000,930 | ---- | C] () -- C:\Users\Road King\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
    [2013/06/30 18:11:16 | 000,890,988 | ---- | C] () -- C:\Users\Road King\Desktop\SecurityCheck.exe
    [2013/06/16 21:33:31 | 000,000,913 | ---- | C] () -- C:\Users\Road King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2013/06/16 21:33:23 | 000,000,714 | ---- | C] () -- C:\Users\Road King\Desktop\ERUNT.lnk
    [2013/06/15 23:00:25 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/06/15 22:23:09 | 000,000,162 | ---- | C] () -- C:\Windows\Reimage.ini
    [2013/06/15 21:59:51 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
    [2013/06/15 21:59:35 | 000,001,800 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
    [2013/06/14 21:21:22 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Road King.job
    [2013/06/14 21:21:21 | 000,000,386 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Road King.job
    [2013/06/14 21:21:16 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Road King.job
    [2013/02/08 18:21:24 | 000,053,128 | ---- | C] () -- C:\Users\Road King\image014[1].jpg
    [2012/01/08 18:13:26 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
    [2011/08/07 12:35:26 | 000,000,288 | ---- | C] () -- C:\Users\Road King\AppData\Roaming\.backup.dm
    [2011/05/18 17:58:57 | 000,001,940 | ---- | C] () -- C:\Users\Road King\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
    [2010/10/24 19:13:10 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2008/06/18 18:13:56 | 000,008,192 | ---- | C] () -- C:\Users\Road King\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/06/16 20:52:56 | 000,006,324 | ---- | C] () -- C:\Users\Road King\AppData\Local\d3d9caps.dat

    ========== ZeroAccess Check ==========

    [2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    < End of report >


    **************************************************************************************************************

    TDSSKiller log



    16:57:05.0179 2068 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
    16:57:05.0865 2068 ============================================================
    16:57:05.0865 2068 Current date / time: 2013/06/02 16:57:05.0865
    16:57:05.0865 2068 SystemInfo:
    16:57:05.0866 2068
    16:57:05.0866 2068 OS Version: 6.0.6002 ServicePack: 2.0
    16:57:05.0866 2068 Product type: Workstation
    16:57:05.0866 2068 ComputerName: ROADKING-LT
    16:57:05.0866 2068 UserName: Road King
    16:57:05.0866 2068 Windows directory: C:\Windows
    16:57:05.0866 2068 System windows directory: C:\Windows
    16:57:05.0866 2068 Processor architecture: Intel x86
    16:57:05.0866 2068 Number of processors: 2
    16:57:05.0866 2068 Page size: 0x1000
    16:57:05.0866 2068 Boot type: Normal boot
    16:57:05.0866 2068 ============================================================
    16:57:06.0413 2068 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    16:57:06.0416 2068 ============================================================
    16:57:06.0416 2068 \Device\Harddisk0\DR0:
    16:57:06.0416 2068 MBR partitions:
    16:57:06.0416 2068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0xF003E72
    16:57:06.0416 2068 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF003EB2, BlocksNum 0xE1C06CF
    16:57:06.0416 2068 ============================================================
    16:57:06.0435 2068 C: <-> \Device\Harddisk0\DR0\Partition1
    16:57:06.0484 2068 D: <-> \Device\Harddisk0\DR0\Partition2
    16:57:06.0484 2068 ============================================================
    16:57:06.0484 2068 Initialize success
    16:57:06.0484 2068 ============================================================
    16:57:18.0230 3188 ============================================================
    16:57:18.0231 3188 Scan started
    16:57:18.0231 3188 Mode: Manual; TDLFS;
    16:57:18.0231 3188 ============================================================
    16:57:18.0993 3188 ================ Scan system memory ========================
    16:57:18.0993 3188 System memory - ok
    16:57:18.0995 3188 ================ Scan services =============================
    16:57:19.0314 3188 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
    16:57:19.0321 3188 ACPI - ok
    16:57:19.0468 3188 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    16:57:19.0470 3188 AdobeARMservice - ok
    16:57:19.0564 3188 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    16:57:19.0566 3188 AdobeFlashPlayerUpdateSvc - ok
    16:57:19.0633 3188 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
    16:57:19.0640 3188 adp94xx - ok
    16:57:19.0666 3188 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
    16:57:19.0668 3188 adpahci - ok
    16:57:19.0689 3188 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
    16:57:19.0690 3188 adpu160m - ok
    16:57:19.0707 3188 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
    16:57:19.0708 3188 adpu320 - ok
    16:57:19.0761 3188 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    16:57:19.0761 3188 AeLookupSvc - ok
    16:57:19.0824 3188 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
    16:57:19.0829 3188 AFD - ok
    16:57:19.0889 3188 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
    16:57:19.0890 3188 agp440 - ok
    16:57:19.0919 3188 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
    16:57:19.0921 3188 aic78xx - ok
    16:57:19.0961 3188 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
    16:57:19.0962 3188 ALG - ok
    16:57:19.0998 3188 [ 3A99CB23A2D326FD532618705D6E3048 ] aliide C:\Windows\system32\drivers\aliide.sys
    16:57:19.0999 3188 aliide - ok
    16:57:20.0043 3188 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
    16:57:20.0045 3188 amdagp - ok
    16:57:20.0062 3188 [ 4333C133DBD71C7D7FE4FB1B83F9EE3E ] amdide C:\Windows\system32\drivers\amdide.sys
    16:57:20.0063 3188 amdide - ok
    16:57:20.0084 3188 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
    16:57:20.0085 3188 AmdK7 - ok
    16:57:20.0116 3188 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
    16:57:20.0118 3188 AmdK8 - ok
    16:57:20.0208 3188 [ F9DAC844B1D370DA4C984D4C22F5E696 ] AntiSpywareService C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
    16:57:20.0228 3188 AntiSpywareService - ok
    16:57:20.0305 3188 [ 350F19EB5FE4EC37A2414DF56CDE1AA8 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
    16:57:20.0308 3188 ApfiltrService - ok
    16:57:20.0361 3188 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
    16:57:20.0362 3188 Appinfo - ok
    16:57:20.0471 3188 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    16:57:20.0473 3188 Apple Mobile Device - ok
    16:57:20.0500 3188 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
    16:57:20.0501 3188 arc - ok
    16:57:20.0570 3188 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
    16:57:20.0571 3188 arcsas - ok
    16:57:20.0732 3188 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
    16:57:20.0734 3188 aspnet_state - ok
    16:57:20.0779 3188 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    16:57:20.0780 3188 AsyncMac - ok
    16:57:20.0845 3188 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
    16:57:20.0846 3188 atapi - ok
    16:57:20.0893 3188 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    16:57:20.0899 3188 AudioEndpointBuilder - ok
    16:57:20.0937 3188 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
    16:57:20.0941 3188 Audiosrv - ok
    16:57:20.0999 3188 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
    16:57:21.0002 3188 b57nd60x - ok
    16:57:21.0062 3188 [ 746F59822A5187510471FC46889B8CC9 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
    16:57:21.0084 3188 BCM43XV - ok
    16:57:21.0122 3188 [ 746F59822A5187510471FC46889B8CC9 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
    16:57:21.0129 3188 BCM43XX - ok
    16:57:21.0192 3188 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
    16:57:21.0192 3188 Beep - ok
    16:57:21.0235 3188 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
    16:57:21.0239 3188 BFE - ok
    16:57:21.0422 3188 [ 89BF5550E4FC31E3FE728E68C558BF10 ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130515.001\BHDrvx86.sys
    16:57:21.0433 3188 BHDrvx86 - ok
    16:57:21.0527 3188 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
    16:57:21.0535 3188 BITS - ok
    16:57:21.0540 3188 blbdrive - ok
    16:57:21.0625 3188 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    16:57:21.0628 3188 Bonjour Service - ok
    16:57:21.0654 3188 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    16:57:21.0655 3188 bowser - ok
    16:57:21.0700 3188 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
    16:57:21.0701 3188 BrFiltLo - ok
    16:57:21.0718 3188 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
    16:57:21.0718 3188 BrFiltUp - ok
    16:57:21.0763 3188 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
    16:57:21.0764 3188 Browser - ok
    16:57:21.0785 3188 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
    16:57:21.0786 3188 Brserid - ok
    16:57:21.0803 3188 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
    16:57:21.0804 3188 BrSerWdm - ok
    16:57:21.0827 3188 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
    16:57:21.0828 3188 BrUsbMdm - ok
    16:57:21.0849 3188 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
    16:57:21.0850 3188 BrUsbSer - ok
    16:57:21.0901 3188 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
    16:57:21.0902 3188 BthEnum - ok
    16:57:21.0937 3188 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
    16:57:21.0938 3188 BTHMODEM - ok
    16:57:21.0984 3188 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
    16:57:21.0987 3188 BthPan - ok
    16:57:22.0040 3188 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
    16:57:22.0051 3188 BTHPORT - ok
    16:57:22.0095 3188 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
    16:57:22.0097 3188 BthServ - ok
    16:57:22.0126 3188 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
    16:57:22.0127 3188 BTHUSB - ok
    16:57:22.0222 3188 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_N360 C:\Windows\system32\drivers\N360\1403010.016\ccSetx86.sys
    16:57:22.0226 3188 ccSet_N360 - ok
    16:57:22.0292 3188 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    16:57:22.0294 3188 cdfs - ok
    16:57:22.0345 3188 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
    16:57:22.0369 3188 cdrom - ok
    16:57:22.0437 3188 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
    16:57:22.0439 3188 CertPropSvc - ok
    16:57:22.0486 3188 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
    16:57:22.0487 3188 circlass - ok
    16:57:22.0536 3188 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
    16:57:22.0543 3188 CLFS - ok
    16:57:22.0604 3188 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    16:57:22.0607 3188 clr_optimization_v2.0.50727_32 - ok
    16:57:22.0677 3188 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    16:57:22.0682 3188 clr_optimization_v4.0.30319_32 - ok
    16:57:22.0729 3188 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    16:57:22.0730 3188 CmBatt - ok
    16:57:22.0777 3188 [ DFB94A6FC3A26972B0461AB5F1D8272B ] cmdide C:\Windows\system32\drivers\cmdide.sys
    16:57:22.0779 3188 cmdide - ok
    16:57:22.0819 3188 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    16:57:22.0820 3188 Compbatt - ok
    16:57:22.0833 3188 COMSysApp - ok
    16:57:22.0868 3188 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
    16:57:22.0869 3188 crcdisk - ok
    16:57:22.0902 3188 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
    16:57:22.0904 3188 Crusoe - ok
    16:57:22.0968 3188 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
    16:57:22.0972 3188 CryptSvc - ok
    16:57:23.0048 3188 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
    16:57:23.0062 3188 DcomLaunch - ok
    16:57:23.0119 3188 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    16:57:23.0121 3188 DfsC - ok
    16:57:23.0254 3188 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
    16:57:23.0323 3188 DFSR - ok
    16:57:23.0446 3188 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
    16:57:23.0450 3188 Dhcp - ok
    16:57:23.0505 3188 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
    16:57:23.0507 3188 disk - ok
    16:57:23.0566 3188 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
    16:57:23.0569 3188 Dnscache - ok
    16:57:23.0623 3188 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
    16:57:23.0626 3188 dot3svc - ok
    16:57:23.0669 3188 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
    16:57:23.0671 3188 Dot4 - ok
    16:57:23.0703 3188 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
    16:57:23.0704 3188 Dot4Print - ok
    16:57:23.0740 3188 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
    16:57:23.0741 3188 dot4usb - ok
    16:57:23.0793 3188 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
    16:57:23.0794 3188 DPS - ok
    16:57:23.0843 3188 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    16:57:23.0843 3188 drmkaud - ok
    16:57:23.0889 3188 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    16:57:23.0910 3188 DXGKrnl - ok
    16:57:23.0944 3188 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
    16:57:23.0945 3188 E1G60 - ok
    16:57:23.0985 3188 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
    16:57:23.0987 3188 EapHost - ok
    16:57:24.0054 3188 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
    16:57:24.0055 3188 Ecache - ok
    16:57:24.0105 3188 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
    16:57:24.0111 3188 eeCtrl - ok
    16:57:24.0164 3188 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    16:57:24.0170 3188 ehRecvr - ok
    16:57:24.0196 3188 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
    16:57:24.0198 3188 ehSched - ok
    16:57:24.0212 3188 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
    16:57:24.0213 3188 ehstart - ok
    16:57:24.0263 3188 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
    16:57:24.0272 3188 elxstor - ok
    16:57:24.0328 3188 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
    16:57:24.0339 3188 EMDMgmt - ok
    16:57:24.0410 3188 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    16:57:24.0412 3188 EraserUtilRebootDrv - ok
    16:57:24.0471 3188 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
    16:57:24.0474 3188 EventSystem - ok
    16:57:24.0520 3188 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
    16:57:24.0522 3188 exfat - ok
    16:57:24.0567 3188 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
    16:57:24.0570 3188 fastfat - ok
    16:57:24.0602 3188 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    16:57:24.0603 3188 fdc - ok
    16:57:24.0638 3188 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
    16:57:24.0639 3188 fdPHost - ok
    16:57:24.0655 3188 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
    16:57:24.0657 3188 FDResPub - ok
    16:57:24.0698 3188 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    16:57:24.0699 3188 FileInfo - ok
    16:57:24.0740 3188 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    16:57:24.0741 3188 Filetrace - ok
    16:57:24.0770 3188 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    16:57:24.0771 3188 flpydisk - ok
    16:57:24.0810 3188 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    16:57:24.0814 3188 FltMgr - ok
    16:57:24.0902 3188 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
    16:57:24.0912 3188 FontCache - ok
    16:57:24.0993 3188 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    16:57:24.0994 3188 FontCache3.0.0.0 - ok
    16:57:25.0032 3188 [ D909075FA72C090F27AA926C32CB4612 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
    16:57:25.0033 3188 fssfltr - ok
    16:57:25.0165 3188 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    16:57:25.0210 3188 fsssvc - ok
    16:57:25.0249 3188 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    16:57:25.0250 3188 Fs_Rec - ok
    16:57:25.0290 3188 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
    16:57:25.0292 3188 gagp30kx - ok
    16:57:25.0347 3188 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
    16:57:25.0348 3188 GEARAspiWDM - ok
    16:57:25.0402 3188 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
    16:57:25.0410 3188 gpsvc - ok
    16:57:25.0501 3188 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
    16:57:25.0504 3188 gupdate - ok
    16:57:25.0530 3188 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
    16:57:25.0531 3188 gupdatem - ok
    16:57:25.0579 3188 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    16:57:25.0585 3188 HdAudAddService - ok
    16:57:25.0637 3188 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
    16:57:25.0646 3188 HDAudBus - ok
    16:57:25.0696 3188 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
    16:57:25.0697 3188 HidBth - ok
    16:57:25.0725 3188 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
    16:57:25.0726 3188 HidIr - ok
    16:57:25.0765 3188 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
    16:57:25.0767 3188 hidserv - ok
    16:57:25.0799 3188 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    16:57:25.0800 3188 HidUsb - ok
    16:57:25.0829 3188 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
    16:57:25.0832 3188 hkmsvc - ok
    16:57:25.0853 3188 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
    16:57:25.0854 3188 HpCISSs - ok
    16:57:25.0900 3188 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
    16:57:25.0906 3188 HSFHWAZL - ok
    16:57:25.0972 3188 [ E9E589C9AB799F52E18F057635A2B362 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
    16:57:26.0006 3188 HSF_DPV - ok
    16:57:26.0041 3188 [ 7845D2385F4DC7DFB3CCAF0C2FA4948E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
    16:57:26.0045 3188 HSXHWAZL - ok
    16:57:26.0109 3188 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
    16:57:26.0117 3188 HTTP - ok
    16:57:26.0158 3188 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
    16:57:26.0159 3188 i2omp - ok
    16:57:26.0204 3188 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
    16:57:26.0205 3188 i8042prt - ok
    16:57:26.0254 3188 [ 582F2D900A3AC34C98FBDC2C0ABEF6B9 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    16:57:26.0259 3188 IAANTMON - ok
    16:57:26.0303 3188 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
    16:57:26.0306 3188 iaStor - ok
    16:57:26.0337 3188 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
    16:57:26.0343 3188 iaStorV - ok
    16:57:26.0423 3188 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    16:57:26.0424 3188 IDriverT - ok
    16:57:26.0484 3188 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    16:57:26.0520 3188 idsvc - ok
    16:57:26.0646 3188 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130531.001\IDSvix86.sys
    16:57:26.0653 3188 IDSVix86 - ok
    16:57:26.0748 3188 [ F7ECD4B9E7FAD4A01A0ED889D40E2494 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
    16:57:26.0804 3188 igfx - ok
    16:57:26.0844 3188 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
    16:57:26.0845 3188 iirsp - ok
    16:57:26.0895 3188 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
    16:57:26.0901 3188 IKEEXT - ok
    16:57:26.0960 3188 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
    16:57:26.0961 3188 intelide - ok
    16:57:27.0018 3188 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    16:57:27.0019 3188 intelppm - ok
    16:57:27.0066 3188 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    16:57:27.0069 3188 IPBusEnum - ok
    16:57:27.0111 3188 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    16:57:27.0112 3188 IpFilterDriver - ok
    16:57:27.0148 3188 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    16:57:27.0151 3188 iphlpsvc - ok

  2. #2
    Junior Member
    Join Date
    Jan 2009
    Posts
    6

    Default Win32.downloader.gen - Need OCD's help (MK) Part 2

    16:57:27.0156 3188 IpInIp - ok
    16:57:27.0183 3188 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
    16:57:27.0184 3188 IPMIDRV - ok
    16:57:27.0217 3188 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
    16:57:27.0219 3188 IPNAT - ok
    16:57:27.0283 3188 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    16:57:27.0300 3188 iPod Service - ok
    16:57:27.0353 3188 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    16:57:27.0354 3188 IRENUM - ok
    16:57:27.0378 3188 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    16:57:27.0379 3188 isapnp - ok
    16:57:27.0423 3188 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
    16:57:27.0427 3188 iScsiPrt - ok
    16:57:27.0451 3188 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
    16:57:27.0453 3188 iteatapi - ok
    16:57:27.0469 3188 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
    16:57:27.0471 3188 iteraid - ok
    16:57:27.0511 3188 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    16:57:27.0512 3188 kbdclass - ok
    16:57:27.0547 3188 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    16:57:27.0548 3188 kbdhid - ok
    16:57:27.0589 3188 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
    16:57:27.0592 3188 KeyIso - ok
    16:57:27.0633 3188 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    16:57:27.0641 3188 KSecDD - ok
    16:57:27.0686 3188 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
    16:57:27.0690 3188 KtmRm - ok
    16:57:27.0732 3188 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
    16:57:27.0735 3188 LanmanServer - ok
    16:57:27.0783 3188 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    16:57:27.0787 3188 LanmanWorkstation - ok
    16:57:27.0825 3188 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    16:57:27.0826 3188 lltdio - ok
    16:57:27.0860 3188 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    16:57:27.0864 3188 lltdsvc - ok
    16:57:27.0904 3188 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
    16:57:27.0906 3188 lmhosts - ok
    16:57:27.0968 3188 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
    16:57:27.0969 3188 LSI_FC - ok
    16:57:28.0017 3188 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
    16:57:28.0018 3188 LSI_SAS - ok
    16:57:28.0056 3188 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
    16:57:28.0057 3188 LSI_SCSI - ok
    16:57:28.0106 3188 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
    16:57:28.0108 3188 luafv - ok
    16:57:28.0204 3188 [ DDF15A42E27E8EFE27B18FD403151A86 ] MatSvc C:\Program Files\Microsoft Fix it Center\Matsvc.exe
    16:57:28.0207 3188 MatSvc - ok
    16:57:28.0246 3188 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    16:57:28.0249 3188 Mcx2Svc - ok
    16:57:28.0335 3188 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    16:57:28.0339 3188 MDM - ok
    16:57:28.0365 3188 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
    16:57:28.0366 3188 mdmxsdk - ok
    16:57:28.0420 3188 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
    16:57:28.0421 3188 megasas - ok
    16:57:28.0459 3188 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
    16:57:28.0462 3188 MMCSS - ok
    16:57:28.0501 3188 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
    16:57:28.0502 3188 Modem - ok
    16:57:28.0526 3188 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    16:57:28.0528 3188 monitor - ok
    16:57:28.0563 3188 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    16:57:28.0564 3188 mouclass - ok
    16:57:28.0581 3188 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    16:57:28.0582 3188 mouhid - ok
    16:57:28.0617 3188 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
    16:57:28.0618 3188 MountMgr - ok
    16:57:28.0635 3188 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
    16:57:28.0637 3188 mpio - ok
    16:57:28.0672 3188 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    16:57:28.0674 3188 mpsdrv - ok
    16:57:28.0723 3188 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
    16:57:28.0729 3188 MpsSvc - ok
    16:57:28.0758 3188 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
    16:57:28.0759 3188 Mraid35x - ok
    16:57:28.0795 3188 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    16:57:28.0799 3188 MRxDAV - ok
    16:57:28.0837 3188 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    16:57:28.0839 3188 mrxsmb - ok
    16:57:28.0882 3188 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    16:57:28.0887 3188 mrxsmb10 - ok
    16:57:28.0923 3188 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    16:57:28.0925 3188 mrxsmb20 - ok
    16:57:28.0966 3188 [ F0EC3A4E0693A34B148723B4DA31668C ] msahci C:\Windows\system32\drivers\msahci.sys
    16:57:28.0967 3188 msahci - ok
    16:57:29.0007 3188 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    16:57:29.0009 3188 msdsm - ok
    16:57:29.0042 3188 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
    16:57:29.0045 3188 MSDTC - ok
    16:57:29.0083 3188 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    16:57:29.0083 3188 Msfs - ok
    16:57:29.0130 3188 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    16:57:29.0130 3188 msisadrv - ok
    16:57:29.0174 3188 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    16:57:29.0176 3188 MSiSCSI - ok
    16:57:29.0181 3188 msiserver - ok
    16:57:29.0231 3188 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    16:57:29.0232 3188 MSKSSRV - ok
    16:57:29.0272 3188 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    16:57:29.0274 3188 MSPCLOCK - ok
    16:57:29.0310 3188 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    16:57:29.0311 3188 MSPQM - ok
    16:57:29.0359 3188 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    16:57:29.0362 3188 MsRPC - ok
    16:57:29.0376 3188 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
    16:57:29.0377 3188 mssmbios - ok
    16:57:29.0399 3188 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    16:57:29.0400 3188 MSTEE - ok
    16:57:29.0421 3188 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
    16:57:29.0422 3188 Mup - ok
    16:57:29.0532 3188 [ 241BD3019FB31E812A51B31B06906335 ] N360 C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe
    16:57:29.0536 3188 N360 - ok
    16:57:29.0558 3188 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
    16:57:29.0564 3188 napagent - ok
    16:57:29.0615 3188 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    16:57:29.0619 3188 NativeWifiP - ok
    16:57:29.0728 3188 [ CE2156DF796D41614AB60E68D107D573 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130601.022\NAVENG.SYS
    16:57:29.0730 3188 NAVENG - ok
    16:57:29.0813 3188 [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130601.022\NAVEX15.SYS
    16:57:29.0867 3188 NAVEX15 - ok
    16:57:29.0948 3188 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
    16:57:29.0967 3188 NDIS - ok
    16:57:30.0022 3188 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    16:57:30.0024 3188 NdisTapi - ok
    16:57:30.0059 3188 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    16:57:30.0061 3188 Ndisuio - ok
    16:57:30.0124 3188 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    16:57:30.0128 3188 NdisWan - ok
    16:57:30.0194 3188 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    16:57:30.0196 3188 NDProxy - ok
    16:57:30.0257 3188 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
    16:57:30.0259 3188 Net Driver HPZ12 - ok
    16:57:30.0287 3188 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    16:57:30.0288 3188 NetBIOS - ok
    16:57:30.0325 3188 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
    16:57:30.0330 3188 netbt - ok
    16:57:30.0348 3188 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
    16:57:30.0351 3188 Netlogon - ok
    16:57:30.0386 3188 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
    16:57:30.0392 3188 Netman - ok
    16:57:30.0425 3188 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    16:57:30.0428 3188 NetMsmqActivator - ok
    16:57:30.0436 3188 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    16:57:30.0438 3188 NetPipeActivator - ok
    16:57:30.0486 3188 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
    16:57:30.0491 3188 netprofm - ok
    16:57:30.0502 3188 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    16:57:30.0504 3188 NetTcpActivator - ok
    16:57:30.0517 3188 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    16:57:30.0519 3188 NetTcpPortSharing - ok
    16:57:30.0568 3188 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
    16:57:30.0569 3188 nfrd960 - ok
    16:57:30.0604 3188 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
    16:57:30.0609 3188 NlaSvc - ok
    16:57:30.0633 3188 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    16:57:30.0635 3188 Npfs - ok
    16:57:30.0667 3188 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
    16:57:30.0671 3188 nsi - ok
    16:57:30.0705 3188 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    16:57:30.0706 3188 nsiproxy - ok
    16:57:30.0780 3188 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    16:57:30.0831 3188 Ntfs - ok
    16:57:30.0881 3188 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
    16:57:30.0883 3188 ntrigdigi - ok
    16:57:30.0928 3188 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
    16:57:30.0929 3188 Null - ok
    16:57:30.0956 3188 [ 6F785DB62A6D8F3FAFD3E5695277E849 ] nvraid C:\Windows\system32\drivers\nvraid.sys
    16:57:30.0957 3188 nvraid - ok
    16:57:30.0979 3188 [ 4A5FCAB82D9BF6AF8A023A66802FE9E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
    16:57:30.0980 3188 nvstor - ok
    16:57:31.0006 3188 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    16:57:31.0008 3188 nv_agp - ok
    16:57:31.0059 3188 [ 0973C0C696780161F4526586D5EAC422 ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys
    16:57:31.0065 3188 NWADI - ok
    16:57:31.0072 3188 NwlnkFlt - ok
    16:57:31.0081 3188 NwlnkFwd - ok
    16:57:31.0127 3188 [ 1FDE5B2D61D97D803594DF4B3BC28C4B ] NWUSBCDFIL C:\Windows\system32\DRIVERS\NwUsbCdFil.sys
    16:57:31.0128 3188 NWUSBCDFIL - ok
    16:57:31.0168 3188 [ 65B471BB7E57C416A1E685EC07D4ABFA ] NWUSBModem C:\Windows\system32\DRIVERS\nwusbmdm.sys
    16:57:31.0171 3188 NWUSBModem - ok
    16:57:31.0201 3188 [ 65B471BB7E57C416A1E685EC07D4ABFA ] NWUSBPort C:\Windows\system32\DRIVERS\nwusbser.sys
    16:57:31.0205 3188 NWUSBPort - ok
    16:57:31.0239 3188 [ 65B471BB7E57C416A1E685EC07D4ABFA ] NWUSBPort2 C:\Windows\system32\DRIVERS\nwusbser2.sys
    16:57:31.0242 3188 NWUSBPort2 - ok
    16:57:31.0276 3188 [ 19CAC780B858822055F46C58A111723C ] OEM02Dev C:\Windows\system32\DRIVERS\OEM02Dev.sys
    16:57:31.0281 3188 OEM02Dev - ok
    16:57:31.0312 3188 [ 86326062A90494BDD79CE383511D7D69 ] OEM02Vfx C:\Windows\system32\DRIVERS\OEM02Vfx.sys
    16:57:31.0313 3188 OEM02Vfx - ok
    16:57:31.0367 3188 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
    16:57:31.0368 3188 ohci1394 - ok
    16:57:31.0437 3188 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
    16:57:31.0500 3188 p2pimsvc - ok
    16:57:31.0533 3188 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
    16:57:31.0548 3188 p2psvc - ok
    16:57:31.0583 3188 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
    16:57:31.0586 3188 Parport - ok
    16:57:31.0610 3188 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
    16:57:31.0612 3188 partmgr - ok
    16:57:31.0646 3188 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
    16:57:31.0647 3188 Parvdm - ok
    16:57:31.0691 3188 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
    16:57:31.0695 3188 PcaSvc - ok
    16:57:31.0752 3188 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
    16:57:31.0761 3188 pci - ok
    16:57:31.0790 3188 [ 20B869152448F80AC49CF10264E91F5E ] pciide C:\Windows\system32\drivers\pciide.sys
    16:57:31.0790 3188 pciide - ok
    16:57:31.0820 3188 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
    16:57:31.0824 3188 pcmcia - ok
    16:57:31.0876 3188 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    16:57:31.0896 3188 PEAUTH - ok
    16:57:31.0979 3188 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
    16:57:32.0037 3188 pla - ok
    16:57:32.0087 3188 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    16:57:32.0097 3188 PlugPlay - ok
    16:57:32.0134 3188 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
    16:57:32.0136 3188 Pml Driver HPZ12 - ok
    16:57:32.0163 3188 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
    16:57:32.0169 3188 PNRPAutoReg - ok
    16:57:32.0197 3188 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
    16:57:32.0203 3188 PNRPsvc - ok
    16:57:32.0246 3188 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    16:57:32.0249 3188 PolicyAgent - ok
    16:57:32.0265 3188 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    16:57:32.0268 3188 PptpMiniport - ok
    16:57:32.0286 3188 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
    16:57:32.0287 3188 Processor - ok
    16:57:32.0314 3188 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
    16:57:32.0317 3188 ProfSvc - ok
    16:57:32.0329 3188 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
    16:57:32.0332 3188 ProtectedStorage - ok
    16:57:32.0395 3188 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
    16:57:32.0396 3188 PSched - ok
    16:57:32.0479 3188 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
    16:57:32.0512 3188 ql2300 - ok
    16:57:32.0561 3188 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
    16:57:32.0562 3188 ql40xx - ok
    16:57:32.0606 3188 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
    16:57:32.0611 3188 QWAVE - ok
    16:57:32.0642 3188 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    16:57:32.0644 3188 QWAVEdrv - ok
    16:57:32.0665 3188 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    16:57:32.0667 3188 RasAcd - ok
    16:57:32.0714 3188 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
    16:57:32.0720 3188 RasAuto - ok
    16:57:32.0758 3188 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    16:57:32.0759 3188 Rasl2tp - ok
    16:57:32.0785 3188 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
    16:57:32.0792 3188 RasMan - ok
    16:57:32.0819 3188 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    16:57:32.0820 3188 RasPppoe - ok
    16:57:32.0859 3188 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    16:57:32.0861 3188 RasSstp - ok
    16:57:32.0881 3188 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    16:57:32.0887 3188 rdbss - ok
    16:57:32.0905 3188 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    16:57:32.0906 3188 RDPCDD - ok
    16:57:32.0956 3188 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
    16:57:32.0958 3188 rdpdr - ok
    16:57:32.0983 3188 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    16:57:32.0984 3188 RDPENCDD - ok
    16:57:33.0015 3188 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    16:57:33.0018 3188 RDPWD - ok
    16:57:33.0101 3188 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    16:57:33.0102 3188 RealNetworks Downloader Resolver Service - ok
    16:57:33.0154 3188 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
    16:57:33.0156 3188 RemoteAccess - ok
    16:57:33.0196 3188 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
    16:57:33.0200 3188 RemoteRegistry - ok
    16:57:33.0238 3188 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
    16:57:33.0242 3188 RFCOMM - ok
    16:57:33.0348 3188 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    16:57:33.0352 3188 RichVideo - ok
    16:57:33.0386 3188 [ D85E3FA9F5B1F29BB4ED185C450D1470 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
    16:57:33.0387 3188 rimmptsk - ok
    16:57:33.0416 3188 [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
    16:57:33.0417 3188 rimsptsk - ok
    16:57:33.0442 3188 RimUsb - ok
    16:57:33.0478 3188 [ 3A5633AD615E2B15291BD0B1B97CCD8A ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
    16:57:33.0479 3188 RimVSerPort - ok
    16:57:33.0500 3188 [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
    16:57:33.0501 3188 rismxdp - ok
    16:57:33.0542 3188 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
    16:57:33.0543 3188 ROOTMODEM - ok
    16:57:33.0565 3188 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
    16:57:33.0568 3188 RpcLocator - ok
    16:57:33.0615 3188 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
    16:57:33.0624 3188 RpcSs - ok
    16:57:33.0676 3188 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    16:57:33.0677 3188 rspndr - ok
    16:57:33.0685 3188 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
    16:57:33.0688 3188 SamSs - ok
    16:57:33.0736 3188 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    16:57:33.0737 3188 sbp2port - ok
    16:57:33.0787 3188 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
    16:57:33.0792 3188 SCardSvr - ok
    16:57:33.0848 3188 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
    16:57:33.0858 3188 Schedule - ok
    16:57:33.0919 3188 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
    16:57:33.0921 3188 SCPolicySvc - ok
    16:57:33.0978 3188 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
    16:57:33.0981 3188 sdbus - ok
    16:57:34.0020 3188 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    16:57:34.0027 3188 SDRSVC - ok
    16:57:34.0042 3188 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    16:57:34.0044 3188 secdrv - ok
    16:57:34.0088 3188 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
    16:57:34.0094 3188 seclogon - ok
    16:57:34.0127 3188 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
    16:57:34.0129 3188 SENS - ok
    16:57:34.0152 3188 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
    16:57:34.0153 3188 Serenum - ok
    16:57:34.0175 3188 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
    16:57:34.0176 3188 Serial - ok
    16:57:34.0205 3188 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
    16:57:34.0206 3188 sermouse - ok
    16:57:34.0252 3188 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
    16:57:34.0255 3188 SessionEnv - ok
    16:57:34.0277 3188 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    16:57:34.0277 3188 sffdisk - ok
    16:57:34.0298 3188 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    16:57:34.0298 3188 sffp_mmc - ok
    16:57:34.0315 3188 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    16:57:34.0316 3188 sffp_sd - ok
    16:57:34.0333 3188 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
    16:57:34.0334 3188 sfloppy - ok
    16:57:34.0356 3188 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
    16:57:34.0362 3188 SharedAccess - ok
    16:57:34.0409 3188 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    16:57:34.0414 3188 ShellHWDetection - ok
    16:57:34.0442 3188 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
    16:57:34.0443 3188 sisagp - ok
    16:57:34.0468 3188 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
    16:57:34.0469 3188 SiSRaid2 - ok
    16:57:34.0492 3188 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
    16:57:34.0493 3188 SiSRaid4 - ok
    16:57:34.0723 3188 [ 0C1B2E3A897397738D9F81CD3D152AF0 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    16:57:34.0835 3188 Skype C2C Service - ok
    16:57:34.0908 3188 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
    16:57:34.0911 3188 SkypeUpdate - ok
    16:57:35.0049 3188 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
    16:57:35.0143 3188 slsvc - ok
    16:57:35.0178 3188 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
    16:57:35.0183 3188 SLUINotify - ok
    16:57:35.0228 3188 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    16:57:35.0230 3188 Smb - ok
    16:57:35.0289 3188 [ 1E715247EFFFDDA938C085913045D599 ] SMSIVZAM5 C:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS
    16:57:35.0290 3188 SMSIVZAM5 - ok
    16:57:35.0334 3188 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    16:57:35.0338 3188 SNMPTRAP - ok
    16:57:35.0368 3188 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
    16:57:35.0369 3188 spldr - ok
    16:57:35.0401 3188 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
    16:57:35.0406 3188 Spooler - ok
    16:57:35.0523 3188 [ 0A8F71E1DB5432A5B9285111421E77EC ] SRTSP C:\Windows\System32\Drivers\N360\1403010.016\SRTSP.SYS
    16:57:35.0546 3188 SRTSP - ok
    16:57:35.0571 3188 [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX C:\Windows\system32\drivers\N360\1403010.016\SRTSPX.SYS
    16:57:35.0572 3188 SRTSPX - ok
    16:57:35.0616 3188 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
    16:57:35.0623 3188 srv - ok
    16:57:35.0666 3188 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    16:57:35.0670 3188 srv2 - ok
    16:57:35.0698 3188 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    16:57:35.0701 3188 srvnet - ok
    16:57:35.0718 3188 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    16:57:35.0723 3188 SSDPSRV - ok
    16:57:35.0770 3188 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
    16:57:35.0775 3188 SstpSvc - ok
    16:57:35.0829 3188 [ 686FA4ACFDCB4E16B7F0230B88F6D17E ] STacSV C:\Windows\system32\STacSV.exe
    16:57:35.0834 3188 STacSV - ok
    16:57:35.0891 3188 [ 53D5E8638EA1A387E4FA82A8F062AA11 ] STHDA C:\Windows\system32\drivers\stwrt.sys
    16:57:35.0900 3188 STHDA - ok
    16:57:35.0951 3188 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
    16:57:35.0952 3188 StillCam - ok
    16:57:35.0992 3188 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
    16:57:36.0013 3188 stisvc - ok
    16:57:36.0050 3188 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
    16:57:36.0051 3188 swenum - ok
    16:57:36.0089 3188 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
    16:57:36.0096 3188 swprv - ok
    16:57:36.0135 3188 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
    16:57:36.0136 3188 Symc8xx - ok
    16:57:36.0185 3188 [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00 ] SymDS C:\Windows\system32\drivers\N360\1403010.016\SYMDS.SYS
    16:57:36.0193 3188 SymDS - ok
    16:57:36.0235 3188 [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA C:\Windows\system32\drivers\N360\1403010.016\SYMEFA.SYS
    16:57:36.0266 3188 SymEFA - ok
    16:57:36.0314 3188 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
    16:57:36.0316 3188 SymEvent - ok
    16:57:36.0344 3188 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\Windows\system32\drivers\N360\1403010.016\Ironx86.SYS
    16:57:36.0347 3188 SymIRON - ok
    16:57:36.0374 3188 [ 93DE018EC6FBAA9A58FF9F2EB9198092 ] SYMTDIv C:\Windows\System32\Drivers\N360\1403010.016\SYMTDIV.SYS
    16:57:36.0380 3188 SYMTDIv - ok
    16:57:36.0403 3188 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
    16:57:36.0404 3188 Sym_hi - ok
    16:57:36.0422 3188 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
    16:57:36.0422 3188 Sym_u3 - ok
    16:57:36.0471 3188 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
    16:57:36.0481 3188 SysMain - ok
    16:57:36.0542 3188 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
    16:57:36.0549 3188 TabletInputService - ok
    16:57:36.0602 3188 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
    16:57:36.0612 3188 TapiSrv - ok
    16:57:36.0646 3188 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
    16:57:36.0650 3188 TBS - ok
    16:57:36.0716 3188 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    16:57:36.0749 3188 Tcpip - ok
    16:57:36.0789 3188 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
    16:57:36.0799 3188 Tcpip6 - ok
    16:57:36.0836 3188 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    16:57:36.0837 3188 tcpipreg - ok
    16:57:36.0878 3188 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    16:57:36.0879 3188 TDPIPE - ok
    16:57:36.0918 3188 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    16:57:36.0919 3188 TDTCP - ok
    16:57:36.0951 3188 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    16:57:36.0953 3188 tdx - ok
    16:57:36.0963 3188 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
    16:57:36.0964 3188 TermDD - ok
    16:57:36.0993 3188 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
    16:57:37.0001 3188 TermService - ok
    16:57:37.0024 3188 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
    16:57:37.0031 3188 Themes - ok
    16:57:37.0049 3188 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
    16:57:37.0053 3188 THREADORDER - ok
    16:57:37.0083 3188 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
    16:57:37.0088 3188 TrkWks - ok
    16:57:37.0141 3188 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    16:57:37.0142 3188 TrustedInstaller - ok
    16:57:37.0186 3188 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    16:57:37.0187 3188 tssecsrv - ok
    16:57:37.0236 3188 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
    16:57:37.0238 3188 tunmp - ok
    16:57:37.0278 3188 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    16:57:37.0279 3188 tunnel - ok
    16:57:37.0323 3188 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
    16:57:37.0325 3188 uagp35 - ok
    16:57:37.0372 3188 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    16:57:37.0378 3188 udfs - ok
    16:57:37.0453 3188 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
    16:57:37.0458 3188 UI0Detect - ok
    16:57:37.0479 3188 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    16:57:37.0481 3188 uliagpkx - ok
    16:57:37.0516 3188 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
    16:57:37.0519 3188 uliahci - ok
    16:57:37.0543 3188 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
    16:57:37.0545 3188 UlSata - ok
    16:57:37.0569 3188 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
    16:57:37.0571 3188 ulsata2 - ok
    16:57:37.0607 3188 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
    16:57:37.0608 3188 umbus - ok
    16:57:37.0650 3188 [ 88BD96A1BAEED33EE8BDF9499C07A841 ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
    16:57:37.0651 3188 UMPass - ok
    16:57:37.0694 3188 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
    16:57:37.0701 3188 upnphost - ok
    16:57:40.0978 3188 ================ Scan global ===============================
    16:57:41.0016 3188 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
    16:57:41.0066 3188 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
    16:57:41.0099 3188 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
    16:57:41.0149 3188 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
    16:57:41.0153 3188 [Global] - ok
    16:57:41.0154 3188 ================ Scan MBR ==================================
    16:57:41.0161 3188 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
    16:57:41.0645 3188 \Device\Harddisk0\DR0 - ok
    16:57:41.0646 3188 ================ Scan VBR ==================================
    16:57:41.0658 3188 [ A0AC5FC9DA3D46BA2446E2B1ADA9B6E2 ] \Device\Harddisk0\DR0\Partition1
    16:57:41.0661 3188 \Device\Harddisk0\DR0\Partition1 - ok
    16:57:41.0674 3188 [ 1FD9C86D3750328088516E622429136C ] \Device\Harddisk0\DR0\Partition2
    16:57:41.0678 3188 \Device\Harddisk0\DR0\Partition2 - ok
    16:57:41.0679 3188 ============================================================
    16:57:41.0679 3188 Scan finished
    16:57:41.0679 3188 ============================================================
    16:57:41.0705 1440 Detected object count: 0
    16:57:41.0705 1440 Actual detected object count: 0
    16:57:49.0368 4236 Deinitialize success


    **********************************************************************************************************

    DDS Log



    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16496 BrowserJavaVersion: 10.7.2
    Run by Road King at 20:07:02 on 2013-07-13
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3573.1671 [GMT -4:00]
    .
    AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\System32\WLTRYSVC.EXE
    C:\Windows\System32\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe
    C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Windows\system32\STacSV.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Windows\OEM02Mon.exe
    C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\sttray.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\real\realplayer\Update\realsched.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
    C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\WinZip\WZQKPICK32.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\system32\hkcmd.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k SDRSVC
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.bing.com/
    uDefault_Page_URL = hxxp://www.msn.com
    dURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
    BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Updater For Comcast Toolbar 3.5: {164d3751-cac6-4a6d-becd-ea67df61d232} - c:\program files\comcasttb\auxi\comcastAu.dll
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
    BHO: Comcast Toolbar 3.5: {4E77EDAD-9566-4089-88D1-C81498CEE770} - c:\program files\comcasttb\comcasttb.dll
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\20.3.1.22\coieplg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\20.3.1.22\ips\ipsbho.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
    BHO: Comcast Toolbar: {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - c:\program files\comcasttb\comcastdx.dll
    BHO: Advertising Cookie Opt-out: {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} - c:\program files\google\advertising cookie opt-out\opt_out.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\20.3.1.22\coieplg.dll
    TB: Comcast Toolbar: {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - c:\program files\comcasttb\comcastdx.dll
    TB: Comcast Toolbar 3.5: {4E77EDAD-9566-4089-88D1-C81498CEE770} - c:\program files\comcasttb\comcasttb.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\20.3.1.22\coieplg.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [ComcastAntispyClient] "c:\program files\comcasttb\comcastspywarescan\ComcastAntispy.exe" /hide
    uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
    uRun: [DW7] "c:\program files\the weather channel\the weather channel app\TWCApp.exe"
    uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
    uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
    mRun: [EverioService] "c:\program files\cyberlink\pcm4everio\EverioService.exe"
    mRun: [Apoint] c:\program files\delltpad\Apoint.exe
    mRun: [UpdatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
    mRun: [SigmatelSysTrayApp] sttray.exe
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [OtShot] c:\program files\otshot\otshot.exe -minimize
    StartupFolder: c:\users\roadki~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\windows\installer\{7f0c4457-8e64-491b-8d7b-991504365d1e}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
    TCP: Interfaces\{6B868A5B-0DF3-4112-9BBE-C9654C0D1DA6} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
    TCP: Interfaces\{A7B6EB6E-E9F9-456E-B3D9-AD0448FB6F5E} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: igfxcui - igfxdev.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1403010.016\symds.sys [2013-5-16 367704]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1403010.016\symefa.sys [2013-5-16 934488]
    R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\bashdefs\20130702.001\BHDrvx86.sys [2013-7-2 1002072]
    R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\n360\1403010.016\ccsetx86.sys [2013-5-16 134304]
    R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\ipsdefs\20130712.001\IDSvix86.sys [2013-7-12 386720]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1403010.016\ironx86.sys [2013-5-16 175264]
    R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\1403010.016\symtdiv.sys [2013-5-16 350368]
    R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\comcastspywarescan\ComcastAntiSpyService.exe [2009-6-17 616408]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-12 21504]
    R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\20.3.1.22\ccsvchst.exe [2013-5-16 144520]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
    R2 ReimageRealTimeProtection;Reimage Real Time Protection;c:\program files\reimage\reimage repair\ReiGuard.exe [2013-7-10 3380584]
    R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-5-14 3289208]
    R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-9-12 179712]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-9 106656]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
    S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-24 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
    S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]
    S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2008-7-7 20480]
    S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2008-5-9 174336]
    S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~1\SMSIVZAM5.SYS [2009-3-20 32408]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
    .
    =============== Created Last 30 ================
    .
    2013-07-13 20:02:48 -------- d-----w- C:\rei
    2013-07-13 20:02:41 -------- d-----w- c:\program files\Reimage
    2013-07-13 19:52:32 -------- d-----w- C:\_OTL
    2013-07-12 22:41:11 7068072 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{a79f8407-04bf-4cfc-bbfd-4cf747c7ad58}\mpengine.dll
    2013-07-10 21:37:24 983552 ----a-w- c:\program files\windows journal\JNTFiltr.dll
    2013-06-16 03:00:23 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-06-16 02:00:25 -------- d-----w- c:\users\road king\appdata\local\WinZip
    .
    ==================== Find3M ====================
    .
    2013-06-12 22:59:12 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-06-12 22:59:11 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-06-04 01:50:43 2049024 ----a-w- c:\windows\system32\win32k.sys
    2013-06-01 04:06:08 505344 ----a-w- c:\windows\system32\qedit.dll
    2013-05-29 01:50:14 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2013-05-29 01:41:52 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-05-29 01:41:08 1129472 ----a-w- c:\windows\system32\wininet.dll
    2013-05-29 01:37:15 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-05-29 01:36:09 420864 ----a-w- c:\windows\system32\vbscript.dll
    2013-05-29 01:33:22 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2013-05-08 04:37:21 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-05-08 03:14:09 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
    2013-05-02 22:03:36 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-05-02 22:03:36 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-05-02 06:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
    2013-05-02 04:04:25 443904 ----a-w- c:\windows\system32\win32spl.dll
    2013-05-02 04:03:42 37376 ----a-w- c:\windows\system32\printcom.dll
    2013-04-24 04:00:30 985600 ----a-w- c:\windows\system32\crypt32.dll
    2013-04-24 04:00:30 98304 ----a-w- c:\windows\system32\cryptnet.dll
    2013-04-24 04:00:30 133120 ----a-w- c:\windows\system32\cryptsvc.dll
    2013-04-24 04:00:24 41984 ----a-w- c:\windows\system32\certenc.dll
    2013-04-24 01:46:29 812544 ----a-w- c:\windows\system32\certutil.exe
    2013-04-17 12:30:06 24576 ----a-w- c:\windows\system32\cryptdlg.dll
    2013-04-17 11:28:53 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
    2013-04-17 11:28:53 189952 ----a-w- c:\windows\system32\d3d10core.dll
    2013-04-17 11:28:53 160768 ----a-w- c:\windows\system32\d3d10_1.dll
    2013-04-17 11:28:53 1029120 ----a-w- c:\windows\system32\d3d10.dll
    2013-04-17 10:34:33 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
    2013-04-17 10:33:05 486400 ----a-w- c:\windows\system32\d3d10level9.dll
    2013-04-17 10:14:27 683008 ----a-w- c:\windows\system32\d2d1.dll
    2013-04-17 10:10:35 1069056 ----a-w- c:\windows\system32\DWrite.dll
    2013-04-17 10:10:34 798208 ----a-w- c:\windows\system32\FntCache.dll
    2013-04-15 14:20:04 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    .
    ============= FINISH: 20:08:16.44 ===============


    aswMBR log


    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-07-13 20:20:04
    -----------------------------
    20:20:04.071 OS Version: Windows 6.0.6002 Service Pack 2
    20:20:04.071 Number of processors: 2 586 0xF0D
    20:20:04.072 ComputerName: ROADKING-LT UserName: Road King
    20:20:05.816 Initialize success
    20:20:28.906 The log file has been saved successfully to "C:\Users\Road King\Desktop\aswMBR.txt"
    Last edited by tashi; 2013-07-14 at 04:30. Reason: Merged two topics

  3. #3
    Member of Team Spybot tashi
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,484

    Hello mkacmarik,
    Quote: Originally Posted by mkacmarik
    Hello OCD, My original thread was closed. Since I travel I can't get back to my PC within three days so please keep this thread open for 10 days. Thank you.
    Sorry it doesn't work like that. A helper may be able to allow some leeway at their own discretion but a gap of ten days is just too long. Twelve days had already lapsed since your last post, Jun 30th.

    Note:
    When a volunteer posted a response to which you did not reply.

    At this time threads may now be closed three days after last post in topic at the discretion of the volunteer. Please subscribe to your topic so you know when a reply has been posted. If the topic has been archived and you still require help start a new topic and include fresh DDS & aswMBR logs with a link to your previous thread. Please do not post any other logs, you'd be starting fresh.

    It takes time to analyze logs and prepare a response. Volunteers help users at several sites, and take X number of new topics in order to give each member their attention and avoid burnout.

    Thank you.
    http://forums.spybot.info/showthread...-Assistance%29

    When you are back at your PC and able to reply promptly to the person who may respond "start a new topic and include fresh DDS & aswMBR logs with a link to your previous thread."

    Which is: http://forums.spybot.info/showthread...eeded-%28MK%29

    Best regards.
    Last edited by tashi; 2013-07-14 at 05:01. Reason: clarify
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
