Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Won't complete updates and slow performance


  • Please log in to reply
16 replies to this topic

#1 bjohnson1982

bjohnson1982

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 21 November 2012 - 07:21 PM

My computer hasn't been able to finish it updates. After it updates, I restart and it says failure to update and converts back to previous configuration. Also, my computer has been performing a lot slower than normal. Any help is greatly appreciated.
Thank you.
I have run malware and it found 9 objects which I deleted.

BC AdBot (Login to Remove)

 


#2 Sightless

Sightless

  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Up in the Clouds
  • Local time:09:46 PM

Posted 21 November 2012 - 07:48 PM

Download TDSSkiller
  • Right Click it Run as Admin.
  • Click on Change parameters
  • Select TDLFS file system
  • Click the Scan button
  • Post the LOG In your next reply

    Do not change the default options on scan results

Some types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it.

  • Before saving any of your security programs, rename them first. For example, before you save Malwarebytes', rename it to something like MBblah.exe and then click on Save and save it to your desktop. Same thing after you install it. Before running it, rename the main executable file first

    Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.

    If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run..
  • Another work around is by not using the mouse to install it, Just use the arrow keys, tab, and enter keys.



Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here or here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.
For a complete visual tutorial of MBAM, see http://thespykiller.co.uk/index.php/topic,5946.0.html


Please include the following in your reply:
MBAM log
TDSSKiller Log

Edited by Sightless, 21 November 2012 - 07:49 PM.


#3 bjohnson1982

bjohnson1982
  • Topic Starter

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 21 November 2012 - 09:44 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Beejous :: BRIANS-PC [administrator]

11/21/2012 8:33:04 PM
mbam-log-2012-11-21 (20-33-04).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217078
Time elapsed: 7 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Beejous\AppData\Local\Temp\is357113909\FunmoodsLatest.exe (PUP.FunMoods) -> Quarantined and deleted successfully.

(end)


--------------------------------------------------------------------------------------
20:30:20.0926 5916 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:30:21.0581 5916 ============================================================
20:30:21.0581 5916 Current date / time: 2012/11/21 20:30:21.0581
20:30:21.0581 5916 SystemInfo:
20:30:21.0581 5916
20:30:21.0581 5916 OS Version: 6.1.7601 ServicePack: 1.0
20:30:21.0581 5916 Product type: Workstation
20:30:21.0581 5916 ComputerName: BRIANS-PC
20:30:21.0581 5916 UserName: Beejous
20:30:21.0581 5916 Windows directory: C:\windows
20:30:21.0581 5916 System windows directory: C:\windows
20:30:21.0581 5916 Running under WOW64
20:30:21.0581 5916 Processor architecture: Intel x64
20:30:21.0581 5916 Number of processors: 4
20:30:21.0581 5916 Page size: 0x1000
20:30:21.0581 5916 Boot type: Normal boot
20:30:21.0581 5916 ============================================================
20:30:22.0121 5916 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:30:22.0126 5916 ============================================================
20:30:22.0126 5916 \Device\Harddisk0\DR0:
20:30:22.0126 5916 MBR partitions:
20:30:22.0126 5916 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38C58000
20:30:22.0126 5916 ============================================================
20:30:22.0156 5916 C: <-> \Device\Harddisk0\DR0\Partition1
20:30:22.0156 5916 ============================================================
20:30:22.0156 5916 Initialize success
20:30:22.0156 5916 ============================================================
20:30:24.0006 5436 ============================================================
20:30:24.0006 5436 Scan started
20:30:24.0006 5436 Mode: Manual;
20:30:24.0006 5436 ============================================================
20:30:25.0591 5436 ================ Scan system memory ========================
20:30:25.0591 5436 System memory - ok
20:30:25.0591 5436 ================ Scan services =============================
20:30:25.0821 5436 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
20:30:25.0826 5436 1394ohci - ok
20:30:25.0851 5436 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
20:30:25.0856 5436 ACPI - ok
20:30:25.0916 5436 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
20:30:25.0921 5436 AcpiPmi - ok
20:30:26.0071 5436 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:30:26.0071 5436 AdobeARMservice - ok
20:30:26.0781 5436 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:30:26.0786 5436 AdobeFlashPlayerUpdateSvc - ok
20:30:27.0056 5436 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
20:30:27.0066 5436 adp94xx - ok
20:30:27.0131 5436 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
20:30:27.0141 5436 adpahci - ok
20:30:27.0186 5436 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
20:30:27.0191 5436 adpu320 - ok
20:30:27.0251 5436 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
20:30:27.0256 5436 AeLookupSvc - ok
20:30:27.0316 5436 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
20:30:27.0326 5436 AFD - ok
20:30:27.0451 5436 [ 7E077309910CE334C3B2B7B8665A55C4 ] AffinegyService C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
20:30:27.0456 5436 AffinegyService - ok
20:30:27.0526 5436 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
20:30:27.0551 5436 AgereSoftModem - ok
20:30:27.0596 5436 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
20:30:27.0601 5436 agp440 - ok
20:30:27.0646 5436 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
20:30:27.0646 5436 ALG - ok
20:30:27.0706 5436 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
20:30:27.0711 5436 aliide - ok
20:30:27.0721 5436 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
20:30:27.0726 5436 amdide - ok
20:30:27.0756 5436 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
20:30:27.0756 5436 AmdK8 - ok
20:30:27.0801 5436 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
20:30:27.0801 5436 AmdPPM - ok
20:30:27.0881 5436 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
20:30:27.0881 5436 amdsata - ok
20:30:27.0916 5436 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
20:30:27.0941 5436 amdsbs - ok
20:30:27.0996 5436 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
20:30:28.0001 5436 amdxata - ok
20:30:28.0056 5436 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
20:30:28.0056 5436 AppID - ok
20:30:28.0076 5436 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
20:30:28.0076 5436 AppIDSvc - ok
20:30:28.0116 5436 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
20:30:28.0116 5436 Appinfo - ok
20:30:28.0236 5436 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:30:28.0241 5436 Apple Mobile Device - ok
20:30:28.0306 5436 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
20:30:28.0306 5436 arc - ok
20:30:28.0336 5436 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
20:30:28.0336 5436 arcsas - ok
20:30:28.0391 5436 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
20:30:28.0396 5436 AsyncMac - ok
20:30:28.0436 5436 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
20:30:28.0436 5436 atapi - ok
20:30:28.0506 5436 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:30:28.0516 5436 AudioEndpointBuilder - ok
20:30:28.0541 5436 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
20:30:28.0546 5436 AudioSrv - ok
20:30:28.0606 5436 [ 96B4456F1DCA4EDA506ED31C7D2D6B05 ] Avgfwfd C:\windows\system32\DRIVERS\avgfwd6a.sys
20:30:28.0606 5436 Avgfwfd - ok
20:30:28.0761 5436 [ BB8214A1EC4F74D67B51DC3C1BA11343 ] avgfws C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
20:30:28.0801 5436 avgfws - ok
20:30:29.0021 5436 [ 6EAD3146A0894F5EB9AD02542B1C7DE5 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
20:30:29.0156 5436 AVGIDSAgent - ok
20:30:29.0186 5436 [ E29EA1A0EC7AB9FA2DC7E75A03F12A4F ] AVGIDSDriver C:\windows\system32\DRIVERS\AVGIDSDriver.Sys
20:30:29.0191 5436 AVGIDSDriver - ok
20:30:29.0216 5436 [ F823D184B8E8FFB8DA3EAD45DBF5BD6A ] AVGIDSEH C:\windows\system32\DRIVERS\AVGIDSEH.Sys
20:30:29.0216 5436 AVGIDSEH - ok
20:30:29.0236 5436 [ ED2B25BD7FE35D1944211968842D30DA ] AVGIDSFilter C:\windows\system32\DRIVERS\AVGIDSFilter.Sys
20:30:29.0241 5436 AVGIDSFilter - ok
20:30:29.0311 5436 [ DADFCCFB036DA99FA83E7E1D29290A6C ] Avgldx64 C:\windows\system32\DRIVERS\avgldx64.sys
20:30:29.0316 5436 Avgldx64 - ok
20:30:29.0346 5436 [ 36B1A5843695766EAC714DAFFC5B84D1 ] Avgmfx64 C:\windows\system32\DRIVERS\avgmfx64.sys
20:30:29.0346 5436 Avgmfx64 - ok
20:30:29.0396 5436 [ 5A7AA579D4FA072FB9715F8D83EB1F00 ] Avgrkx64 C:\windows\system32\DRIVERS\avgrkx64.sys
20:30:29.0396 5436 Avgrkx64 - ok
20:30:29.0426 5436 [ 11F36D3EA82D9DB9AA05A476A210551B ] Avgtdia C:\windows\system32\DRIVERS\avgtdia.sys
20:30:29.0431 5436 Avgtdia - ok
20:30:29.0476 5436 [ 6699ECE24FE4B3F752A66C66A602EE86 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
20:30:29.0481 5436 avgwd - ok
20:30:29.0551 5436 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
20:30:29.0551 5436 AxInstSV - ok
20:30:29.0601 5436 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
20:30:29.0611 5436 b06bdrv - ok
20:30:29.0661 5436 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
20:30:29.0666 5436 b57nd60a - ok
20:30:29.0796 5436 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
20:30:29.0801 5436 BDESVC - ok
20:30:29.0831 5436 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
20:30:29.0831 5436 Beep - ok
20:30:29.0976 5436 [ 299E54DB3638A18E47BD3A2D2EF499F7 ] Belkin Local Backup Service C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
20:30:29.0981 5436 Belkin Local Backup Service - ok
20:30:30.0036 5436 [ E62A04D615A8CAC83601E1F07C010D3C ] Belkin Network USB Helper C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
20:30:30.0041 5436 Belkin Network USB Helper - ok
20:30:30.0116 5436 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
20:30:30.0126 5436 BFE - ok
20:30:30.0181 5436 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
20:30:30.0196 5436 BITS - ok
20:30:30.0216 5436 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
20:30:30.0216 5436 blbdrive - ok
20:30:30.0306 5436 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:30:30.0316 5436 Bonjour Service - ok
20:30:30.0371 5436 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
20:30:30.0376 5436 bowser - ok
20:30:30.0401 5436 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
20:30:30.0401 5436 BrFiltLo - ok
20:30:30.0441 5436 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
20:30:30.0446 5436 BrFiltUp - ok
20:30:30.0511 5436 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\windows\System32\browser.dll
20:30:30.0511 5436 Browser - ok
20:30:30.0541 5436 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
20:30:30.0546 5436 Brserid - ok
20:30:30.0576 5436 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
20:30:30.0576 5436 BrSerWdm - ok
20:30:30.0611 5436 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
20:30:30.0611 5436 BrUsbMdm - ok
20:30:30.0636 5436 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
20:30:30.0641 5436 BrUsbSer - ok
20:30:30.0676 5436 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
20:30:30.0681 5436 BTHMODEM - ok
20:30:30.0736 5436 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
20:30:30.0741 5436 bthserv - ok
20:30:30.0791 5436 catchme - ok
20:30:30.0841 5436 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
20:30:30.0846 5436 cdfs - ok
20:30:30.0911 5436 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\drivers\cdrom.sys
20:30:30.0916 5436 cdrom - ok
20:30:30.0956 5436 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
20:30:30.0961 5436 CertPropSvc - ok
20:30:31.0011 5436 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
20:30:31.0011 5436 circlass - ok
20:30:31.0071 5436 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
20:30:31.0076 5436 CLFS - ok
20:30:31.0156 5436 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:30:31.0161 5436 clr_optimization_v2.0.50727_32 - ok
20:30:31.0206 5436 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:30:31.0206 5436 clr_optimization_v2.0.50727_64 - ok
20:30:31.0301 5436 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:30:31.0306 5436 clr_optimization_v4.0.30319_32 - ok
20:30:31.0402 5436 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:30:31.0407 5436 clr_optimization_v4.0.30319_64 - ok
20:30:31.0427 5436 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
20:30:31.0427 5436 CmBatt - ok
20:30:31.0462 5436 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
20:30:31.0467 5436 cmdide - ok
20:30:31.0517 5436 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
20:30:31.0522 5436 CNG - ok
20:30:31.0542 5436 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
20:30:31.0542 5436 Compbatt - ok
20:30:31.0602 5436 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
20:30:31.0607 5436 CompositeBus - ok
20:30:31.0617 5436 COMSysApp - ok
20:30:31.0657 5436 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
20:30:31.0657 5436 crcdisk - ok
20:30:31.0737 5436 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
20:30:31.0742 5436 CryptSvc - ok
20:30:32.0217 5436 [ 9E24CB0740B17C6ADCB0170B48820EF4 ] cypherixservice C:\windows\SysWOW64\cypherixsrv.exe
20:30:32.0227 5436 cypherixservice - ok
20:30:32.0372 5436 [ BF1F536BC7916EDE926434B5F436A35A ] cyphxdrv C:\windows\system32\Drivers\cyphxdrv.sys
20:30:32.0372 5436 cyphxdrv - ok
20:30:32.0442 5436 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
20:30:32.0452 5436 DcomLaunch - ok
20:30:32.0482 5436 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
20:30:32.0487 5436 defragsvc - ok
20:30:32.0532 5436 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
20:30:32.0537 5436 DfsC - ok
20:30:32.0592 5436 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
20:30:32.0597 5436 Dhcp - ok
20:30:32.0642 5436 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
20:30:32.0642 5436 discache - ok
20:30:32.0702 5436 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
20:30:32.0707 5436 Disk - ok
20:30:32.0752 5436 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
20:30:32.0752 5436 Dnscache - ok
20:30:32.0792 5436 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
20:30:32.0802 5436 dot3svc - ok
20:30:32.0877 5436 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys
20:30:32.0882 5436 Dot4 - ok
20:30:32.0947 5436 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\drivers\Dot4Prt.sys
20:30:32.0952 5436 Dot4Print - ok
20:30:32.0982 5436 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
20:30:32.0987 5436 dot4usb - ok
20:30:33.0027 5436 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
20:30:33.0032 5436 DPS - ok
20:30:33.0082 5436 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
20:30:33.0082 5436 drmkaud - ok
20:30:33.0147 5436 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
20:30:33.0162 5436 DXGKrnl - ok
20:30:33.0187 5436 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
20:30:33.0187 5436 EapHost - ok
20:30:33.0317 5436 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
20:30:33.0442 5436 ebdrv - ok
20:30:33.0502 5436 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
20:30:33.0502 5436 EFS - ok
20:30:33.0587 5436 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
20:30:33.0597 5436 ehRecvr - ok
20:30:33.0637 5436 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
20:30:33.0637 5436 ehSched - ok
20:30:33.0672 5436 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
20:30:33.0682 5436 elxstor - ok
20:30:33.0722 5436 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
20:30:33.0722 5436 ErrDev - ok
20:30:33.0762 5436 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
20:30:33.0767 5436 EventSystem - ok
20:30:33.0807 5436 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
20:30:33.0812 5436 exfat - ok
20:30:33.0832 5436 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
20:30:33.0837 5436 fastfat - ok
20:30:33.0947 5436 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
20:30:33.0957 5436 Fax - ok
20:30:34.0002 5436 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
20:30:34.0002 5436 fdc - ok
20:30:34.0037 5436 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
20:30:34.0037 5436 fdPHost - ok
20:30:34.0052 5436 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
20:30:34.0057 5436 FDResPub - ok
20:30:34.0092 5436 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
20:30:34.0092 5436 FileInfo - ok
20:30:34.0112 5436 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
20:30:34.0117 5436 Filetrace - ok
20:30:34.0247 5436 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:30:34.0262 5436 FLEXnet Licensing Service - ok
20:30:34.0277 5436 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
20:30:34.0282 5436 flpydisk - ok
20:30:34.0322 5436 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
20:30:34.0327 5436 FltMgr - ok
20:30:34.0402 5436 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
20:30:34.0422 5436 FontCache - ok
20:30:34.0512 5436 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:30:34.0512 5436 FontCache3.0.0.0 - ok
20:30:34.0537 5436 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
20:30:34.0542 5436 FsDepends - ok
20:30:34.0592 5436 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
20:30:34.0592 5436 Fs_Rec - ok
20:30:34.0642 5436 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
20:30:34.0647 5436 fvevol - ok
20:30:34.0672 5436 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
20:30:34.0677 5436 gagp30kx - ok
20:30:34.0797 5436 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
20:30:34.0807 5436 GameConsoleService - ok
20:30:34.0857 5436 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:30:34.0862 5436 GEARAspiWDM - ok
20:30:34.0907 5436 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
20:30:34.0922 5436 gpsvc - ok
20:30:35.0022 5436 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:30:35.0027 5436 gupdate - ok
20:30:35.0052 5436 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:30:35.0052 5436 gupdatem - ok
20:30:35.0092 5436 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
20:30:35.0092 5436 hcw85cir - ok
20:30:35.0152 5436 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:30:35.0162 5436 HdAudAddService - ok
20:30:35.0192 5436 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
20:30:35.0197 5436 HDAudBus - ok
20:30:35.0227 5436 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
20:30:35.0227 5436 HECIx64 - ok
20:30:35.0262 5436 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
20:30:35.0267 5436 HidBatt - ok
20:30:35.0287 5436 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
20:30:35.0287 5436 HidBth - ok
20:30:35.0322 5436 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
20:30:35.0322 5436 HidIr - ok
20:30:35.0348 5436 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
20:30:35.0348 5436 hidserv - ok
20:30:35.0408 5436 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys
20:30:35.0408 5436 HidUsb - ok
20:30:35.0478 5436 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
20:30:35.0483 5436 hkmsvc - ok
20:30:35.0543 5436 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:30:35.0548 5436 HomeGroupListener - ok
20:30:35.0588 5436 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:30:35.0593 5436 HomeGroupProvider - ok
20:30:35.0713 5436 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:30:35.0718 5436 hpqcxs08 - ok
20:30:35.0748 5436 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:30:35.0753 5436 hpqddsvc - ok
20:30:35.0798 5436 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
20:30:35.0803 5436 HpSAMD - ok
20:30:35.0868 5436 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
20:30:35.0883 5436 HTTP - ok
20:30:35.0918 5436 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
20:30:35.0918 5436 hwpolicy - ok
20:30:35.0983 5436 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
20:30:35.0983 5436 i8042prt - ok
20:30:36.0058 5436 [ 42E00996DFC13C46366689C0EA8ABC5E ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
20:30:36.0063 5436 iaStor - ok
20:30:36.0118 5436 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
20:30:36.0123 5436 iaStorV - ok
20:30:36.0198 5436 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:30:36.0213 5436 idsvc - ok
20:30:36.0489 5436 [ 898AB5BFED7040D7AB07AF01885EB944 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
20:30:36.0714 5436 igfx - ok
20:30:36.0784 5436 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
20:30:36.0789 5436 iirsp - ok
20:30:36.0844 5436 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
20:30:36.0859 5436 IKEEXT - ok
20:30:36.0894 5436 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
20:30:36.0894 5436 Impcd - ok
20:30:37.0009 5436 [ 490947A9AFF7CA31EF2E08F5776105EB ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
20:30:37.0039 5436 IntcAzAudAddService - ok
20:30:37.0079 5436 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
20:30:37.0084 5436 IntcDAud - ok
20:30:37.0124 5436 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
20:30:37.0129 5436 intelide - ok
20:30:37.0184 5436 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
20:30:37.0189 5436 intelppm - ok
20:30:37.0219 5436 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
20:30:37.0224 5436 IPBusEnum - ok
20:30:37.0264 5436 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
20:30:37.0269 5436 IpFilterDriver - ok
20:30:37.0309 5436 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
20:30:37.0319 5436 iphlpsvc - ok
20:30:37.0359 5436 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
20:30:37.0364 5436 IPMIDRV - ok
20:30:37.0399 5436 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
20:30:37.0404 5436 IPNAT - ok
20:30:37.0509 5436 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:30:37.0524 5436 iPod Service - ok
20:30:37.0559 5436 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
20:30:37.0559 5436 IRENUM - ok
20:30:37.0594 5436 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
20:30:37.0594 5436 isapnp - ok
20:30:37.0644 5436 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
20:30:37.0649 5436 iScsiPrt - ok
20:30:37.0694 5436 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
20:30:37.0694 5436 kbdclass - ok
20:30:37.0754 5436 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
20:30:37.0754 5436 kbdhid - ok
20:30:37.0779 5436 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
20:30:37.0784 5436 KeyIso - ok
20:30:37.0824 5436 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
20:30:37.0829 5436 KSecDD - ok
20:30:37.0849 5436 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
20:30:37.0854 5436 KSecPkg - ok
20:30:37.0904 5436 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
20:30:37.0909 5436 ksthunk - ok
20:30:37.0944 5436 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
20:30:37.0949 5436 KtmRm - ok
20:30:38.0004 5436 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
20:30:38.0009 5436 LanmanServer - ok
20:30:38.0059 5436 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:30:38.0064 5436 LanmanWorkstation - ok
20:30:38.0114 5436 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
20:30:38.0114 5436 lltdio - ok
20:30:38.0149 5436 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
20:30:38.0159 5436 lltdsvc - ok
20:30:38.0194 5436 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
20:30:38.0194 5436 lmhosts - ok
20:30:38.0329 5436 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:30:38.0329 5436 LMS - ok
20:30:38.0389 5436 [ 41E122F6D1448C94CC05196BC41D6BFB ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
20:30:38.0394 5436 LPCFilter - ok
20:30:38.0429 5436 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
20:30:38.0434 5436 LSI_FC - ok
20:30:38.0454 5436 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
20:30:38.0459 5436 LSI_SAS - ok
20:30:38.0499 5436 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
20:30:38.0504 5436 LSI_SAS2 - ok
20:30:38.0544 5436 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
20:30:38.0549 5436 LSI_SCSI - ok
20:30:38.0584 5436 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
20:30:38.0589 5436 luafv - ok
20:30:38.0644 5436 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
20:30:38.0644 5436 MBAMProtector - ok
20:30:38.0769 5436 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:30:38.0774 5436 MBAMScheduler - ok
20:30:38.0849 5436 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:30:38.0864 5436 MBAMService - ok
20:30:38.0949 5436 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
20:30:38.0954 5436 McComponentHostService - ok
20:30:39.0004 5436 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:30:39.0009 5436 Mcx2Svc - ok
20:30:39.0024 5436 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
20:30:39.0024 5436 megasas - ok
20:30:39.0084 5436 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
20:30:39.0089 5436 MegaSR - ok
20:30:39.0119 5436 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
20:30:39.0124 5436 MMCSS - ok
20:30:39.0149 5436 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
20:30:39.0154 5436 Modem - ok
20:30:39.0179 5436 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:30:39.0179 5436 monitor - ok
20:30:39.0214 5436 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
20:30:39.0214 5436 mouclass - ok
20:30:39.0254 5436 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:30:39.0254 5436 mouhid - ok
20:30:39.0430 5436 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
20:30:39.0435 5436 mountmgr - ok
20:30:39.0510 5436 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:30:39.0515 5436 MozillaMaintenance - ok
20:30:39.0560 5436 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
20:30:39.0565 5436 mpio - ok
20:30:39.0600 5436 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
20:30:39.0600 5436 mpsdrv - ok
20:30:39.0655 5436 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
20:30:39.0670 5436 MpsSvc - ok
20:30:39.0720 5436 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
20:30:39.0725 5436 MRxDAV - ok
20:30:39.0780 5436 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
20:30:39.0780 5436 mrxsmb - ok
20:30:39.0830 5436 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
20:30:39.0835 5436 mrxsmb10 - ok
20:30:39.0875 5436 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
20:30:39.0880 5436 mrxsmb20 - ok
20:30:39.0915 5436 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
20:30:39.0920 5436 msahci - ok
20:30:39.0960 5436 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
20:30:39.0965 5436 msdsm - ok
20:30:39.0990 5436 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
20:30:39.0995 5436 MSDTC - ok
20:30:40.0025 5436 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
20:30:40.0030 5436 Msfs - ok
20:30:40.0065 5436 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
20:30:40.0070 5436 mshidkmdf - ok
20:30:40.0115 5436 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
20:30:40.0120 5436 msisadrv - ok
20:30:40.0155 5436 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:30:40.0160 5436 MSiSCSI - ok
20:30:40.0165 5436 msiserver - ok
20:30:40.0200 5436 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
20:30:40.0205 5436 MSKSSRV - ok
20:30:40.0235 5436 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
20:30:40.0235 5436 MSPCLOCK - ok
20:30:40.0245 5436 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
20:30:40.0250 5436 MSPQM - ok
20:30:40.0300 5436 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
20:30:40.0305 5436 MsRPC - ok
20:30:40.0355 5436 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
20:30:40.0355 5436 mssmbios - ok
20:30:40.0405 5436 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
20:30:40.0410 5436 MSTEE - ok
20:30:40.0475 5436 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
20:30:40.0480 5436 MTConfig - ok
20:30:40.0505 5436 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
20:30:40.0505 5436 Mup - ok
20:30:40.0555 5436 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
20:30:40.0565 5436 napagent - ok
20:30:40.0640 5436 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
20:30:40.0645 5436 NativeWifiP - ok
20:30:40.0725 5436 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
20:30:40.0745 5436 NDIS - ok
20:30:40.0790 5436 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
20:30:40.0790 5436 NdisCap - ok
20:30:40.0820 5436 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
20:30:40.0820 5436 NdisTapi - ok
20:30:40.0860 5436 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
20:30:40.0865 5436 Ndisuio - ok
20:30:40.0910 5436 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
20:30:40.0915 5436 NdisWan - ok
20:30:40.0950 5436 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
20:30:40.0950 5436 NDProxy - ok
20:30:41.0015 5436 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:30:41.0015 5436 Net Driver HPZ12 - ok
20:30:41.0050 5436 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
20:30:41.0055 5436 NetBIOS - ok
20:30:41.0095 5436 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
20:30:41.0105 5436 NetBT - ok
20:30:41.0135 5436 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
20:30:41.0140 5436 Netlogon - ok
20:30:41.0185 5436 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
20:30:41.0195 5436 Netman - ok
20:30:41.0220 5436 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
20:30:41.0230 5436 netprofm - ok
20:30:41.0255 5436 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:30:41.0260 5436 NetTcpPortSharing - ok
20:30:41.0295 5436 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
20:30:41.0300 5436 nfrd960 - ok
20:30:41.0355 5436 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
20:30:41.0365 5436 NlaSvc - ok
20:30:41.0405 5436 Norton PC Checkup Application Launcher - ok
20:30:41.0425 5436 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
20:30:41.0425 5436 Npfs - ok
20:30:41.0445 5436 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
20:30:41.0445 5436 nsi - ok
20:30:41.0470 5436 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
20:30:41.0470 5436 nsiproxy - ok
20:30:41.0555 5436 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
20:30:41.0595 5436 Ntfs - ok
20:30:41.0625 5436 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
20:30:41.0630 5436 Null - ok
20:30:41.0685 5436 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
20:30:41.0690 5436 nvraid - ok
20:30:41.0715 5436 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
20:30:41.0720 5436 nvstor - ok
20:30:41.0770 5436 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
20:30:41.0775 5436 nv_agp - ok
20:30:41.0870 5436 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:30:41.0875 5436 odserv - ok
20:30:41.0925 5436 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
20:30:41.0925 5436 ohci1394 - ok
20:30:41.0985 5436 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:30:41.0985 5436 ose - ok
20:30:42.0025 5436 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:30:42.0030 5436 p2pimsvc - ok
20:30:42.0070 5436 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
20:30:42.0080 5436 p2psvc - ok
20:30:42.0120 5436 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
20:30:42.0125 5436 Parport - ok
20:30:42.0165 5436 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
20:30:42.0165 5436 partmgr - ok
20:30:42.0200 5436 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
20:30:42.0205 5436 PcaSvc - ok
20:30:42.0255 5436 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
20:30:42.0255 5436 PCCUJobMgr - ok
20:30:42.0300 5436 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
20:30:42.0305 5436 pci - ok
20:30:42.0320 5436 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
20:30:42.0325 5436 pciide - ok
20:30:42.0370 5436 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
20:30:42.0375 5436 pcmcia - ok
20:30:42.0400 5436 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
20:30:42.0405 5436 pcw - ok
20:30:42.0435 5436 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
20:30:42.0445 5436 PEAUTH - ok
20:30:42.0855 5436 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
20:30:42.0860 5436 PerfHost - ok
20:30:43.0090 5436 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
20:30:43.0090 5436 PGEffect - ok
20:30:43.0180 5436 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
20:30:43.0200 5436 pla - ok
20:30:43.0255 5436 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
20:30:43.0265 5436 PlugPlay - ok
20:30:43.0340 5436 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:30:43.0345 5436 Pml Driver HPZ12 - ok
20:30:43.0370 5436 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
20:30:43.0370 5436 PNRPAutoReg - ok
20:30:43.0390 5436 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
20:30:43.0395 5436 PNRPsvc - ok
20:30:43.0445 5436 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:30:43.0455 5436 PolicyAgent - ok
20:30:43.0490 5436 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
20:30:43.0495 5436 Power - ok
20:30:43.0545 5436 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
20:30:43.0550 5436 PptpMiniport - ok
20:30:43.0585 5436 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
20:30:43.0585 5436 Processor - ok
20:30:43.0635 5436 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
20:30:43.0645 5436 ProfSvc - ok
20:30:43.0680 5436 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
20:30:43.0685 5436 ProtectedStorage - ok
20:30:43.0730 5436 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
20:30:43.0730 5436 Psched - ok
20:30:43.0795 5436 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\windows\system32\DRIVERS\psi_mf.sys
20:30:43.0795 5436 PSI - ok
20:30:43.0860 5436 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
20:30:43.0880 5436 ql2300 - ok
20:30:43.0905 5436 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
20:30:43.0910 5436 ql40xx - ok
20:30:43.0955 5436 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
20:30:43.0965 5436 QWAVE - ok
20:30:43.0995 5436 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
20:30:43.0995 5436 QWAVEdrv - ok
20:30:44.0015 5436 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
20:30:44.0020 5436 RasAcd - ok
20:30:44.0095 5436 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:30:44.0100 5436 RasAgileVpn - ok
20:30:44.0160 5436 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
20:30:44.0165 5436 RasAuto - ok
20:30:44.0210 5436 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
20:30:44.0215 5436 Rasl2tp - ok
20:30:44.0270 5436 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
20:30:44.0280 5436 RasMan - ok
20:30:44.0315 5436 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
20:30:44.0315 5436 RasPppoe - ok
20:30:44.0350 5436 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
20:30:44.0350 5436 RasSstp - ok
20:30:44.0390 5436 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
20:30:44.0395 5436 rdbss - ok
20:30:44.0415 5436 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
20:30:44.0420 5436 rdpbus - ok
20:30:44.0450 5436 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
20:30:44.0455 5436 RDPCDD - ok
20:30:44.0475 5436 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
20:30:44.0475 5436 RDPENCDD - ok
20:30:44.0495 5436 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
20:30:44.0495 5436 RDPREFMP - ok
20:30:44.0545 5436 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
20:30:44.0550 5436 RDPWD - ok
20:30:44.0605 5436 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
20:30:44.0610 5436 rdyboost - ok
20:30:44.0635 5436 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
20:30:44.0640 5436 RemoteAccess - ok
20:30:44.0745 5436 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
20:30:44.0750 5436 RemoteRegistry - ok
20:30:44.0770 5436 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:30:44.0775 5436 RpcEptMapper - ok
20:30:44.0805 5436 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
20:30:44.0805 5436 RpcLocator - ok
20:30:44.0865 5436 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\System32\rpcss.dll
20:30:44.0875 5436 RpcSs - ok
20:30:44.0905 5436 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
20:30:44.0910 5436 rspndr - ok
20:30:44.0965 5436 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
20:30:44.0970 5436 RSUSBSTOR - ok
20:30:44.0990 5436 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
20:30:45.0000 5436 RTL8167 - ok
20:30:45.0030 5436 [ A8ED9726734D403217A4861A6788B144 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
20:30:45.0045 5436 rtl8192se - ok
20:30:45.0060 5436 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
20:30:45.0060 5436 SamSs - ok
20:30:45.0110 5436 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
20:30:45.0115 5436 sbp2port - ok
20:30:45.0150 5436 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
20:30:45.0155 5436 SCardSvr - ok
20:30:45.0185 5436 SCardSvr32 - ok
20:30:45.0225 5436 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
20:30:45.0230 5436 scfilter - ok
20:30:45.0290 5436 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
20:30:45.0310 5436 Schedule - ok
20:30:45.0350 5436 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
20:30:45.0350 5436 SCPolicySvc - ok
20:30:45.0395 5436 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:30:45.0400 5436 SDRSVC - ok
20:30:45.0455 5436 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
20:30:45.0455 5436 secdrv - ok
20:30:45.0510 5436 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
20:30:45.0510 5436 seclogon - ok
20:30:45.0620 5436 [ FC4842CECAF2A938BE13A6C534034088 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
20:30:45.0635 5436 Secunia PSI Agent - ok
20:30:45.0690 5436 [ 401C960E9C95D35CFFB17CA57C4406FB ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
20:30:45.0700 5436 Secunia Update Agent - ok
20:30:45.0735 5436 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
20:30:45.0740 5436 SENS - ok
20:30:45.0760 5436 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
20:30:45.0760 5436 SensrSvc - ok
20:30:45.0785 5436 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
20:30:45.0785 5436 Serenum - ok
20:30:45.0845 5436 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
20:30:45.0845 5436 Serial - ok
20:30:45.0915 5436 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
20:30:45.0920 5436 sermouse - ok
20:30:45.0970 5436 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
20:30:45.0975 5436 SessionEnv - ok
20:30:46.0010 5436 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
20:30:46.0015 5436 sffdisk - ok
20:30:46.0025 5436 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
20:30:46.0025 5436 sffp_mmc - ok
20:30:46.0040 5436 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
20:30:46.0045 5436 sffp_sd - ok
20:30:46.0095 5436 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
20:30:46.0095 5436 sfloppy - ok
20:30:46.0145 5436 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
20:30:46.0155 5436 SharedAccess - ok
20:30:46.0205 5436 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:30:46.0215 5436 ShellHWDetection - ok
20:30:46.0250 5436 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
20:30:46.0250 5436 SiSRaid2 - ok
20:30:46.0275 5436 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
20:30:46.0275 5436 SiSRaid4 - ok
20:30:46.0345 5436 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:30:46.0350 5436 SkypeUpdate - ok
20:30:46.0380 5436 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
20:30:46.0385 5436 Smb - ok
20:30:46.0435 5436 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
20:30:46.0435 5436 SNMPTRAP - ok
20:30:46.0475 5436 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
20:30:46.0475 5436 spldr - ok
20:30:46.0525 5436 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
20:30:46.0540 5436 Spooler - ok
20:30:46.0665 5436 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
20:30:46.0755 5436 sppsvc - ok
20:30:46.0780 5436 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
20:30:46.0785 5436 sppuinotify - ok
20:30:46.0830 5436 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
20:30:46.0835 5436 srv - ok
20:30:46.0890 5436 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
20:30:46.0900 5436 srv2 - ok
20:30:46.0920 5436 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
20:30:46.0925 5436 srvnet - ok
20:30:46.0960 5436 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
20:30:46.0965 5436 SSDPSRV - ok
20:30:46.0980 5436 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
20:30:46.0985 5436 SstpSvc - ok
20:30:47.0020 5436 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
20:30:47.0025 5436 stexstor - ok
20:30:47.0100 5436 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
20:30:47.0110 5436 stisvc - ok
20:30:47.0150 5436 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
20:30:47.0150 5436 swenum - ok
20:30:47.0190 5436 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
20:30:47.0200 5436 swprv - ok
20:30:47.0235 5436 [ 52EB25BD8AB4E331028C48B178441B36 ] sxuptp C:\windows\system32\DRIVERS\sxuptp.sys
20:30:47.0240 5436 sxuptp - ok
20:30:47.0265 5436 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
20:30:47.0270 5436 SynTP - ok
20:30:47.0351 5436 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
20:30:47.0376 5436 SysMain - ok
20:30:47.0416 5436 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
20:30:47.0421 5436 TabletInputService - ok
20:30:47.0446 5436 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
20:30:47.0451 5436 TapiSrv - ok
20:30:47.0486 5436 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
20:30:47.0486 5436 TBS - ok
20:30:47.0581 5436 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
20:30:47.0616 5436 Tcpip - ok
20:30:47.0691 5436 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
20:30:47.0711 5436 TCPIP6 - ok
20:30:47.0756 5436 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
20:30:47.0756 5436 tcpipreg - ok
20:30:47.0821 5436 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
20:30:47.0821 5436 tdcmdpst - ok
20:30:47.0856 5436 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
20:30:47.0861 5436 TDPIPE - ok
20:30:47.0896 5436 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
20:30:47.0901 5436 TDTCP - ok
20:30:47.0956 5436 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
20:30:47.0961 5436 tdx - ok
20:30:48.0006 5436 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
20:30:48.0011 5436 TermDD - ok
20:30:48.0066 5436 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
20:30:48.0081 5436 TermService - ok
20:30:48.0111 5436 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
20:30:48.0116 5436 Themes - ok
20:30:48.0156 5436 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
20:30:48.0156 5436 THREADORDER - ok
20:30:48.0251 5436 [ 28644B0523D64EFF2FC7312A2EE74B0A ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
20:30:48.0251 5436 TMachInfo - ok
20:30:48.0301 5436 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
20:30:48.0306 5436 TODDSrv - ok
20:30:48.0436 5436 [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
20:30:48.0446 5436 TosCoSrv - ok
20:30:48.0526 5436 [ 2AB7A4697462EDB0C9DFAFC529746BA9 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
20:30:48.0531 5436 TOSHIBA eco Utility Service - ok
20:30:48.0586 5436 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
20:30:48.0591 5436 TOSHIBA HDD SSD Alert Service - ok
20:30:48.0696 5436 [ 97687D094AA597DA366E1194B218CC6C ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
20:30:48.0706 5436 TPCHSrv - ok
20:30:48.0751 5436 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
20:30:48.0756 5436 TrkWks - ok
20:30:48.0826 5436 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:30:48.0831 5436 TrustedInstaller - ok
20:30:48.0876 5436 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
20:30:48.0881 5436 tssecsrv - ok
20:30:48.0951 5436 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
20:30:48.0956 5436 TsUsbFlt - ok
20:30:49.0021 5436 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
20:30:49.0026 5436 tunnel - ok
20:30:49.0041 5436 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
20:30:49.0041 5436 TVALZ - ok
20:30:49.0061 5436 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
20:30:49.0061 5436 TVALZFL - ok
20:30:49.0096 5436 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
20:30:49.0101 5436 uagp35 - ok
20:30:49.0151 5436 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
20:30:49.0161 5436 udfs - ok
20:30:49.0191 5436 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
20:30:49.0191 5436 UI0Detect - ok
20:30:49.0256 5436 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
20:30:49.0261 5436 uliagpkx - ok
20:30:49.0296 5436 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
20:30:49.0296 5436 umbus - ok
20:30:49.0346 5436 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
20:30:49.0346 5436 UmPass - ok
20:30:49.0521 5436 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:30:49.0541 5436 UNS - ok
20:30:49.0576 5436 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
20:30:49.0581 5436 upnphost - ok
20:30:49.0621 5436 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
20:30:49.0626 5436 USBAAPL64 - ok
20:30:49.0666 5436 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
20:30:49.0666 5436 usbccgp - ok
20:30:49.0726 5436 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
20:30:49.0731 5436 usbcir - ok
20:30:49.0776 5436 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
20:30:49.0776 5436 usbehci - ok
20:30:49.0821 5436 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
20:30:49.0826 5436 usbhub - ok
20:30:49.0861 5436 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
20:30:49.0861 5436 usbohci - ok
20:30:49.0901 5436 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
20:30:49.0901 5436 usbprint - ok
20:30:49.0921 5436 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
20:30:49.0921 5436 usbscan - ok
20:30:49.0961 5436 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
20:30:49.0966 5436 USBSTOR - ok
20:30:50.0011 5436 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
20:30:50.0016 5436 usbuhci - ok
20:30:50.0061 5436 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
20:30:50.0066 5436 usbvideo - ok
20:30:50.0091 5436 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
20:30:50.0096 5436 UxSms - ok
20:30:50.0116 5436 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
20:30:50.0116 5436 VaultSvc - ok
20:30:50.0146 5436 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
20:30:50.0151 5436 vdrvroot - ok
20:30:50.0201 5436 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
20:30:50.0211 5436 vds - ok
20:30:50.0251 5436 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
20:30:50.0256 5436 vga - ok
20:30:50.0286 5436 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
20:30:50.0291 5436 VgaSave - ok
20:30:50.0331 5436 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
20:30:50.0336 5436 vhdmp - ok
20:30:50.0381 5436 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
20:30:50.0381 5436 viaide - ok
20:30:50.0396 5436 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
20:30:50.0396 5436 volmgr - ok
20:30:50.0436 5436 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
20:30:50.0446 5436 volmgrx - ok
20:30:50.0496 5436 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
20:30:50.0501 5436 volsnap - ok
20:30:50.0551 5436 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
20:30:50.0556 5436 vsmraid - ok
20:30:50.0631 5436 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
20:30:50.0661 5436 VSS - ok
20:30:50.0706 5436 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
20:30:50.0706 5436 vwifibus - ok
20:30:50.0721 5436 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
20:30:50.0721 5436 vwififlt - ok
20:30:50.0761 5436 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
20:30:50.0771 5436 W32Time - ok
20:30:50.0791 5436 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
20:30:50.0791 5436 WacomPen - ok
20:30:50.0851 5436 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
20:30:50.0851 5436 WANARP - ok
20:30:50.0861 5436 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
20:30:50.0861 5436 Wanarpv6 - ok
20:30:50.0931 5436 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
20:30:50.0956 5436 WatAdminSvc - ok
20:30:51.0036 5436 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
20:30:51.0061 5436 wbengine - ok
20:30:51.0101 5436 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
20:30:51.0106 5436 WbioSrvc - ok
20:30:51.0161 5436 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
20:30:51.0171 5436 wcncsvc - ok
20:30:51.0201 5436 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:30:51.0206 5436 WcsPlugInService - ok
20:30:51.0246 5436 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
20:30:51.0251 5436 Wd - ok
20:30:51.0291 5436 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
20:30:51.0301 5436 Wdf01000 - ok
20:30:51.0331 5436 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
20:30:51.0336 5436 WdiServiceHost - ok
20:30:51.0346 5436 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
20:30:51.0351 5436 WdiSystemHost - ok
20:30:51.0396 5436 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
20:30:51.0401 5436 WebClient - ok
20:30:51.0431 5436 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
20:30:51.0436 5436 Wecsvc - ok
20:30:51.0461 5436 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
20:30:51.0466 5436 wercplsupport - ok
20:30:51.0501 5436 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
20:30:51.0506 5436 WerSvc - ok
20:30:51.0531 5436 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
20:30:51.0531 5436 WfpLwf - ok
20:30:51.0611 5436 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
20:30:51.0611 5436 WIMMount - ok
20:30:51.0641 5436 WinDefend - ok
20:30:51.0661 5436 WinHttpAutoProxySvc - ok
20:30:51.0721 5436 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
20:30:51.0726 5436 Winmgmt - ok
20:30:51.0796 5436 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
20:30:51.0821 5436 WinRM - ok
20:30:51.0866 5436 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
20:30:51.0876 5436 Wlansvc - ok
20:30:51.0916 5436 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
20:30:51.0916 5436 WmiAcpi - ok
20:30:51.0961 5436 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
20:30:51.0966 5436 wmiApSrv - ok
20:30:52.0006 5436 WMPNetworkSvc - ok
20:30:52.0046 5436 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
20:30:52.0046 5436 WPCSvc - ok
20:30:52.0086 5436 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
20:30:52.0091 5436 WPDBusEnum - ok
20:30:52.0161 5436 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
20:30:52.0161 5436 ws2ifsl - ok
20:30:52.0181 5436 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
20:30:52.0186 5436 wscsvc - ok
20:30:52.0196 5436 WSearch - ok
20:30:52.0296 5436 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
20:30:52.0341 5436 wuauserv - ok
20:30:52.0391 5436 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
20:30:52.0391 5436 WudfPf - ok
20:30:52.0421 5436 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
20:30:52.0426 5436 WUDFRd - ok
20:30:52.0471 5436 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
20:30:52.0471 5436 wudfsvc - ok
20:30:52.0506 5436 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
20:30:52.0516 5436 WwanSvc - ok
20:30:52.0531 5436 ================ Scan global ===============================
20:30:52.0591 5436 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
20:30:52.0626 5436 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
20:30:52.0641 5436 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
20:30:52.0666 5436 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
20:30:52.0696 5436 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
20:30:52.0701 5436 [Global] - ok
20:30:52.0701 5436 ================ Scan MBR ==================================
20:30:52.0711 5436 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
20:30:52.0956 5436 \Device\Harddisk0\DR0 - ok
20:30:52.0956 5436 ================ Scan VBR ==================================
20:30:52.0976 5436 [ 76E9B72374F429C7BF393FE2F6C1EA4C ] \Device\Harddisk0\DR0\Partition1
20:30:52.0981 5436 \Device\Harddisk0\DR0\Partition1 - ok
20:30:52.0981 5436 ============================================================
20:30:52.0981 5436 Scan finished
20:30:52.0981 5436 ============================================================
20:30:53.0001 3404 Detected object count: 0
20:30:53.0001 3404 Actual detected object count: 0

#4 Sightless

Sightless

  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Up in the Clouds
  • Local time:09:46 PM

Posted 21 November 2012 - 11:12 PM

Hi, next run

Let's try an ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Check Remove found threats and Scan potentially unwanted applications (If given the option, choose "Quarantine" instead of delete.)
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


Please download AdwCleaner by Xplode to your desktop.
  • Make sure all programs are closed
  • Doubleclick adwcleaner.exe
  • Click Delete
  • Press OK when prompted
  • Restart your computer when asked
  • Copy and paste the contents of the text files that opens after your computer restarts to a reply to this thread. (The log is also saved to C:\AdwCleaner[S1].txt)

Please include the following in your reply
ESET log
AdwCleaner log
Any questions/comments you may have

#5 bjohnson1982

bjohnson1982
  • Topic Starter

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 23 November 2012 - 04:33 PM

ESET
C:\Program Files (x86)\MusicConverter\AudioConverter.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Program Files (x86)\MusicConverter\Uninstall\Uninstall.exe a variant of Win32/InstallCore.AX application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Local\Apple\AppleUpdate\Appleupdt32.DLL.vir a variant of Win32/Kryptik.TWK trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Local\Microsoft\MicrosoftUpdate\Microsoftupdt32.dll.vir a variant of Win32/Kryptik.TWK trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{0bdb2825-4ca0-4cdc-a4d2-96ae444e2dd2}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{0bdb2825-4ca0-4cdc-a4d2-96ae444e2dd2}\chrome\xulcache.jar.vir JS/Agent.NDO trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{745037ac-bad6-4f30-b3fb-7d9df17ad189}\chrome\xulcache.jar.vir JS/Agent.NDO trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{a69f6e86-1dde-49b6-8c33-4c1ba451c34c}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{a69f6e86-1dde-49b6-8c33-4c1ba451c34c}\chrome\xulcache.jar.vir JS/Agent.NDO trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{b691a042-253c-41b6-b28e-8266cb5c6182}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{b691a042-253c-41b6-b28e-8266cb5c6182}\chrome\xulcache.jar.vir JS/Agent.NDO trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{c54a3d83-d26e-49b3-b9a2-7c7d6b07b337}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{c54a3d83-d26e-49b3-b9a2-7c7d6b07b337}\chrome\xulcache.jar.vir JS/Agent.NDO trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{e0e80a57-01f2-408c-b062-e926eed98a20}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{e0e80a57-01f2-408c-b062-e926eed98a20}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Windows\assembly\tmp\U\80000004.@.vir probably a variant of Win64/Sirefef.AW trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\assembly\tmp\U\80000032.@.vir a variant of Win32/Olmarik.AVQ trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\System32\consrv.dll.vir Win64/Sirefef.B trojan cleaned by deleting - quarantined
C:\Users\Beejous\AppData\Local\Temp\jar_cache1919728699616206087.tmp a variant of Java/Exploit.Agent.NDH trojan deleted - quarantined
C:\Users\Beejous\AppData\Local\Temp\jar_cache3929420722508314024.tmp multiple threats deleted - quarantined
C:\Users\Beejous\AppData\Local\Temp\jar_cache5103293463612164134.tmp Java/Exploit.CVE-2011-3544.BB trojan cleaned by deleting - quarantined
C:\Users\Beejous\AppData\Local\Temp\jar_cache8950420360878158492.tmp multiple threats deleted - quarantined
C:\Users\Beejous\AppData\Local\Temp\is357113909\GiantSavings.exe Win32/Toolbar.CrossRider.B application cleaned by deleting - quarantined
C:\Users\Beejous\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\63d48c42-35817b36 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\Beejous\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5d6255db-5cbd2987 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\Beejous\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\3043b022-5e695d7c Java/Exploit.CVE-2011-3544.BB trojan deleted - quarantined
C:\Users\Beejous\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\402b2b-4e631b99 multiple threats deleted - quarantined
C:\Users\Beejous\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\2ec7582d-15543ca1 multiple threats deleted - quarantined
C:\Users\Beejous\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\2c54eaf0-5fa07b7c a variant of Java/Exploit.CVE-2011-3544.BA trojan deleted - quarantined
C:\Users\Beejous\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\13c9a6b2-7a5eeed8 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\Beejous\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\511051c6-2c7d120b multiple threats deleted - quarantined
C:\Users\Beejous\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\375f92ff-38293120 multiple threats deleted - quarantined
C:\Users\Beejous\AppData\Roaming\5031\components\AcroFF5.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\Users\Beejous\AppData\Roaming\5031\components\AcroFF6.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\Users\Beejous\AppData\Roaming\5031\components\AcroFF7.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\MusicConverterSetup.exe a variant of Win32/InstallCore.AX application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Roaming\5032\components\AcroFF.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Roaming\5032\components\AcroFF5.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Roaming\5032\components\AcroFF6.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Roaming\5032\components\AcroFF7.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174739\C_Users\Beejous\AppData\Roaming\5037\components\AcroFF037.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5032\components\AcroFF0325.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5032\components\AcroFF0326.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5032\components\AcroFF0327.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5033\components\AcroFF0335.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5033\components\AcroFF0336.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5033\components\AcroFF0337.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5034\components\AcroFF0345.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5034\components\AcroFF0346.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5034\components\AcroFF0347.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5035\components\AcroFF0355.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5035\components\AcroFF0357.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5036\components\AcroFF0365.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\5036\components\AcroFF0367.dll a variant of Win32/Spy.Banker.YIL trojan cleaned by deleting - quarantined

# AdwCleaner v2.008 - Logfile created 11/23/2012 at 15:02:37
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Beejous - BRIANS-PC
# Boot Mode : Normal
# Running from : C:\Users\Beejous\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\searchplugins\Conduit.xml
Folder Deleted : C:\Program Files (x86)\BitTorrentControl_v12
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Beejous\AppData\Local\Conduit
Folder Deleted : C:\Users\Beejous\AppData\Local\Temp\CT2790392
Folder Deleted : C:\Users\Beejous\AppData\Local\Temp\CT3225826
Folder Deleted : C:\Users\Beejous\AppData\LocalLow\BitTorrentControl_v12
Folder Deleted : C:\Users\Beejous\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Beejous\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Beejous\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\Conduit
Folder Deleted : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\ConduitCommon
Folder Deleted : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\ConduitEngine
Folder Deleted : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\CT2790392
Folder Deleted : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\CT3225826
Folder Deleted : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Deleted : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Folder Deleted : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\FCTB

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKLM\Software\BitTorrentControl_v12
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D441530-A7F6-4118-BEAB-076A697D9BCA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{509C1D4F-B3C4-4EF3-AF28-08617AF192D3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentControl_v12 Toolbar
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\prefs.js

Deleted : user_pref("CT2790392..clientLogIsEnabled", false);
Deleted : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Deleted : user_pref("CT2790392.CTID", "CT2790392");
Deleted : user_pref("CT2790392.CurrentServerDate", "24-11-2012");
Deleted : user_pref("CT2790392.DSInstall", true);
Deleted : user_pref("CT2790392.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2790392.DialogsGetterLastCheckTime", "Fri Nov 23 2012 15:02:03 GMT-0600 (Central Standa[...]
Deleted : user_pref("CT2790392.DownloadReferralCookieData", "");
Deleted : user_pref("CT2790392.FirstServerDate", "27-4-2012");
Deleted : user_pref("CT2790392.FirstTime", true);
Deleted : user_pref("CT2790392.FirstTimeFF3", true);
Deleted : user_pref("CT2790392.FirstTimeHiddenVer", true);
Deleted : user_pref("CT2790392.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2790392.HPInstall", false);
Deleted : user_pref("CT2790392.HasUserGlobalKeys", true);
Deleted : user_pref("CT2790392.Initialize", true);
Deleted : user_pref("CT2790392.InitializeCommonPrefs", true);
Deleted : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2790392.InstallationType", "Unknown");
Deleted : user_pref("CT2790392.InstalledDate", "Fri Apr 27 2012 08:27:05 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT2790392.IsGrouping", false);
Deleted : user_pref("CT2790392.IsInitSetupIni", true);
Deleted : user_pref("CT2790392.IsMulticommunity", false);
Deleted : user_pref("CT2790392.IsOpenThankYouPage", true);
Deleted : user_pref("CT2790392.IsOpenUninstallPage", true);
Deleted : user_pref("CT2790392.LanguagePackLastCheckTime", "Thu Nov 22 2012 20:23:34 GMT-0600 (Central Standar[...]
Deleted : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2790392.LastLogin_3.12.2.3", "Sat May 26 2012 20:58:34 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2790392.LastLogin_3.13.0.6", "Mon Jul 16 2012 20:05:38 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2790392.LastLogin_3.14.1.0", "Mon Aug 27 2012 21:15:55 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2790392.LastLogin_3.15.1.0", "Fri Nov 02 2012 20:56:48 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2790392.LastLogin_3.16.0.3", "Fri Nov 23 2012 15:02:04 GMT-0600 (Central Standard Time)[...]
Deleted : user_pref("CT2790392.LatestVersion", "3.16.0.3");
Deleted : user_pref("CT2790392.Locale", "en");
Deleted : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2790392.OriginalFirstVersion", "3.12.2.3");
Deleted : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Deleted : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
Deleted : user_pref("CT2790392.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Fri Nov 23 2012 15:02:03 GMT-0600 (Central Stand[...]
Deleted : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2790392.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2790392.ServiceMapLastCheckTime", "Thu Nov 22 2012 21:20:53 GMT-0600 (Central Standard [...]
Deleted : user_pref("CT2790392.SettingsLastCheckTime", "Fri Nov 23 2012 15:02:03 GMT-0600 (Central Standard Ti[...]
Deleted : user_pref("CT2790392.SettingsLastUpdate", "1352140971");
Deleted : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Deleted : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Deleted : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2790392.UserID", "UN09960993122535333");
Deleted : user_pref("CT2790392.alertChannelId", "1182482");
Deleted : user_pref("CT2790392.autoDisableScopes", -1);
Deleted : user_pref("CT2790392.backendstorage.cbcountry_001", "5553");
Deleted : user_pref("CT2790392.backendstorage.cbfirsttime", "4672692041756720313020323031322030383A30373A35352[...]
Deleted : user_pref("CT2790392.backendstorage.url_history0001", "687474703A2F2F7777772E676F6F676C652E636F6D2F7[...]
Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2790392.initDone", true);
Deleted : user_pref("CT2790392.myStuffEnabled", true);
Deleted : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2790392.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2790392.revertSettingsEnabled", false);
Deleted : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2790392.testingCtid", "");
Deleted : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Fri Nov 23 2012 15:02:03 GMT-0600 (Central S[...]
Deleted : user_pref("CT2790392.usagesFlag", 2);
Deleted : user_pref("CT3225826..clientLogIsEnabled", false);
Deleted : user_pref("CT3225826..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3225826..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3225826.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3225826.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3225826.BrowserCompStateIsOpen_1482755286787340176", true);
Deleted : user_pref("CT3225826.CTID", "CT3225826");
Deleted : user_pref("CT3225826.CurrentServerDate", "23-11-2012");
Deleted : user_pref("CT3225826.DSInstall", false);
Deleted : user_pref("CT3225826.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3225826.DialogsGetterLastCheckTime", "Fri Nov 23 2012 15:02:04 GMT-0600 (Central Standa[...]
Deleted : user_pref("CT3225826.DownloadReferralCookieData", "");
Deleted : user_pref("CT3225826.FirstServerDate", "25-8-2012");
Deleted : user_pref("CT3225826.FirstTime", true);
Deleted : user_pref("CT3225826.FirstTimeFF3", true);
Deleted : user_pref("CT3225826.FirstTimeHiddenVer", true);
Deleted : user_pref("CT3225826.FixPageNotFoundErrors", true);
Deleted : user_pref("CT3225826.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3225826.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3225826.HPInstall", false);
Deleted : user_pref("CT3225826.HasUserGlobalKeys", true);
Deleted : user_pref("CT3225826.Initialize", true);
Deleted : user_pref("CT3225826.InitializeCommonPrefs", true);
Deleted : user_pref("CT3225826.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT3225826.InstallationId", "fft46AC.tmp.exe");
Deleted : user_pref("CT3225826.InstallationType", "XPE");
Deleted : user_pref("CT3225826.InstalledDate", "Fri Aug 24 2012 22:16:35 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT3225826.IsGrouping", false);
Deleted : user_pref("CT3225826.IsInitSetupIni", true);
Deleted : user_pref("CT3225826.IsMulticommunity", false);
Deleted : user_pref("CT3225826.IsOpenThankYouPage", true);
Deleted : user_pref("CT3225826.IsOpenUninstallPage", false);
Deleted : user_pref("CT3225826.LanguagePackLastCheckTime", "Thu Nov 22 2012 21:21:11 GMT-0600 (Central Standar[...]
Deleted : user_pref("CT3225826.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3225826.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3225826.LastLogin_3.15.0.0", "Mon Aug 27 2012 21:15:55 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT3225826.LastLogin_3.15.1.0", "Sat Nov 03 2012 07:04:58 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT3225826.LastLogin_3.16.0.3", "Fri Nov 23 2012 11:40:22 GMT-0600 (Central Standard Time)[...]
Deleted : user_pref("CT3225826.LatestVersion", "3.16.0.3");
Deleted : user_pref("CT3225826.Locale", "en");
Deleted : user_pref("CT3225826.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3225826.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3225826.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3225826.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT3225826.OriginalFirstVersion", "3.15.0.0");
Deleted : user_pref("CT3225826.SearchCaption", "BitTorrentControl_v12 Customized Web Search");
Deleted : user_pref("CT3225826.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3225826.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]
Deleted : user_pref("CT3225826.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3225826.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3225826.SearchInNewTabLastCheckTime", "Fri Nov 23 2012 15:02:03 GMT-0600 (Central Stand[...]
Deleted : user_pref("CT3225826.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3225826.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT3225826.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT3225826.ServiceMapLastCheckTime", "Fri Nov 23 2012 15:02:03 GMT-0600 (Central Standard [...]
Deleted : user_pref("CT3225826.SettingsLastCheckTime", "Fri Nov 23 2012 15:02:03 GMT-0600 (Central Standard Ti[...]
Deleted : user_pref("CT3225826.SettingsLastUpdate", "1353351527");
Deleted : user_pref("CT3225826.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3225826&SearchSource=13");
Deleted : user_pref("CT3225826.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3225826.ThirdPartyComponentsLastCheck", "Fri Aug 24 2012 22:16:34 GMT-0500 (Central Day[...]
Deleted : user_pref("CT3225826.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT3225826.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT3225826.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3225826");
Deleted : user_pref("CT3225826.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3225826.UserID", "UN56533780636413182");
Deleted : user_pref("CT3225826.alertChannelId", "1659193");
Deleted : user_pref("CT3225826.autoDisableScopes", -1);
Deleted : user_pref("CT3225826.backendstorage.bt_stats", "7B226C6173745F6C6F67223A313334393139313634342C227575[...]
Deleted : user_pref("CT3225826.backendstorage.cbcountry_001", "5553");
Deleted : user_pref("CT3225826.backendstorage.cbfirsttime", "4672692041756720323420323031322032323A31363A33362[...]
Deleted : user_pref("CT3225826.backendstorage.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3[...]
Deleted : user_pref("CT3225826.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3225826.globalFirstTimeInfoLastCheckTime", "Fri Aug 24 2012 22:16:35 GMT-0500 (Central [...]
Deleted : user_pref("CT3225826.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3225826.initDone", true);
Deleted : user_pref("CT3225826.isAppTrackingManagerOn", false);
Deleted : user_pref("CT3225826.myStuffEnabled", true);
Deleted : user_pref("CT3225826.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3225826.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3225826.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3225826.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3225826.navigateToUrlOnSearch", false);
Deleted : user_pref("CT3225826.revertSettingsEnabled", false);
Deleted : user_pref("CT3225826.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3225826.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3225826.testingCtid", "");
Deleted : user_pref("CT3225826.toolbarAppMetaDataLastCheckTime", "Fri Nov 23 2012 15:02:03 GMT-0600 (Central S[...]
Deleted : user_pref("CT3225826.toolbarContextMenuLastCheckTime", "Fri Aug 24 2012 22:16:36 GMT-0500 (Central D[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar Customized Web Search,BitTorrentBar C[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3225826/CT3225826[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3225826", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3225826",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"5cd[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Beejous\\AppData\\Roaming\\Mozilla\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.0.0");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2790392,CT3225826");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2790392,CT3225826");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392,CT3225826");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Nov 06 2011 01:41:22 GMT-0500 (Centr[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Nov 06 2011 01:41:22 GMT-0500 (Central D[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "92ab238c-8a25-4320-9dc8-c80c960b82e3");
Deleted : user_pref("CommunityToolbar.globalUserId", "ee0f9c2c-91ca-4642-b7c4-6005f427c610");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Aug 24 2012 22:16:3[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Aug 24 2012 22:16:34 GMT-0500 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "bac20d4e-f657-4dc0-85f1-d1722f9e1790");
Deleted : user_pref("CommunityToolbar.originalHomepage", "google.com");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
Deleted : user_pref("ConduitEngine.InstalledDate", "Mon Jul 25 2011 10:12:01 GMT-0500 (Central Daylight Time)"[...]
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false);
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Deleted : user_pref("ConduitEngine.engineLocale", "en-US");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&Sea[...]
Deleted : user_pref("browser.search.selectedEngine", "BitTorrentBar Customized Web Search");
Deleted : user_pref("extensions.vshare@toolbar.update.enabled", false);
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=[...]
Deleted : user_pref("vshare.install.laststatreq", "1332806400000");

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [26682 octets] - [23/11/2012 15:02:37]

########## EOF - C:\AdwCleaner[S1].txt - [26743 octets] ##########

#6 Sightless

Sightless

  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Up in the Clouds
  • Local time:09:46 PM

Posted 23 November 2012 - 06:49 PM

Hi, how are things running now?

#7 bjohnson1982

bjohnson1982
  • Topic Starter

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 23 November 2012 - 08:43 PM

I haven't tried to update but I will tonight and post how it goes.

#8 Sightless

Sightless

  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Up in the Clouds
  • Local time:09:46 PM

Posted 23 November 2012 - 09:45 PM

I forgot to mention, I see you've run ComboFix on this PC. Combofix is a very powerful tool that should only be run under expert supervision. Please keep this is mind for the future.

#9 bjohnson1982

bjohnson1982
  • Topic Starter

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 24 November 2012 - 11:37 AM

I ran it from recommendation from help on this site.
I just tried to update and I'm still having the same issue where the updates revert back when trying to configure.

#10 Sightless

Sightless

  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Up in the Clouds
  • Local time:09:46 PM

Posted 24 November 2012 - 12:39 PM

Go into your Windows Updates -> Installed updates

Where it says the update failed, what is the error code?

#11 bjohnson1982

bjohnson1982
  • Topic Starter

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 24 November 2012 - 04:47 PM

Error code: 800F0902

#12 Sightless

Sightless

  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Up in the Clouds
  • Local time:09:46 PM

Posted 24 November 2012 - 05:09 PM

Hi

click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
Type sfc /scannow and press enter. Follow any prompts to restart your computer.

Edited by Sightless, 24 November 2012 - 05:09 PM.


#13 bjohnson1982

bjohnson1982
  • Topic Starter

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 24 November 2012 - 05:52 PM

Windows Resource Protection did not find any integrity violations.

#14 Sightless

Sightless

  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Up in the Clouds
  • Local time:09:46 PM

Posted 24 November 2012 - 07:22 PM

Try running the Fix-It program.

Also, could you please post the log file from when you ran Malwarebytes? It can be found under the "Logs" tab of the program.

Edited by Sightless, 24 November 2012 - 07:24 PM.


#15 bjohnson1982

bjohnson1982
  • Topic Starter

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 26 November 2012 - 11:29 AM

I ran fixit and it told me it found 2 problems and fixed them. I updated and it reverted back again when trying to configure. When it restarted it showed it didn't have any updates to install, but now it does. It's back to where I was with 23 updates needed.


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.09.29.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Beejous :: BRIANS-PC [administrator]

11/21/2012 9:23:09 AM
mbam-log-2012-11-21 (09-23-09).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 471312
Time elapsed: 8 hour(s), 34 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 9
C:\ProgramData\Microsoft\Windows\DRM\5406.tmp (Rootkit.ZeroAccess) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\DRM\5426.tmp (Rootkit.ZeroAccess) -> Quarantined and deleted successfully.
C:\Users\Beejous\AppData\Local\Temp\0.7809407113767931 (Trojan.Agent.BRVGen) -> Quarantined and deleted successfully.
C:\Users\Beejous\AppData\Local\Temp\0.8263568273636617 (Trojan.Agent.BRVGen) -> Quarantined and deleted successfully.
C:\Users\Beejous\AppData\Local\Temp\6537.tmp (Trojan.Agent.BRVGen) -> Quarantined and deleted successfully.
C:\Users\Beejous\Downloads\movie_player_1280.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Beejous\Downloads\mplayer_Setup (1).exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.
C:\Users\Beejous\Downloads\mplayer_Setup.exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.
C:\Users\Beejous\Downloads\video_downloader.exe (PUP.BundleInstaller.VG) -> Quarantined and deleted successfully.

(end)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users