Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Recovering from Delta-Search Browser Hijacker


  • Please log in to reply
11 replies to this topic

#1 macman104

macman104

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:54 PM

Posted 16 August 2013 - 11:10 AM

Hello!  I have my grandfather's computer that had been infected by the delta-search browser hijacker.  After many attempts, I was able to successfully navigate to the malwarebytes website and retrieve the program to perform a scan.

 

The scan completed and seems to have successfully removed the delta-search hijacker.  However, there are other programs/toolbars that seem to have come with it, and I was hoping I may be able to receive help doing a thorough checking (possibly help interpreting and using hijackthis logs, don't worry I haven't touched, downloaded it or anything, I know I need specific direction for that), or some other program that will help check his settings, registry entries, programs, etc to ensure nothing else is left behind unknown.

 

I wasn't sure where exactly to put this request, as it seems I need to first receive direction/instruction for further removal or postings, so I'll leave it at this, and hope that one of the trusted members will be able to direct me or allow me further posting in an area to receive more guided instruction.

 

Thank you



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:54 PM

Posted 16 August 2013 - 12:08 PM

Hello macman, let's also run these.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 macman104

macman104
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:54 PM

Posted 20 August 2013 - 02:55 PM

Hello thanks for responding so quickly.  I apologize, I thought I had subscribed to be notified of a new post, but seems I did not actually do that, otherwise, I would have responded sooner.  The ESET scan completed, but I do believe my grandfather closed the window before I could collect the results from his computer.  In any case, I have rerun the scan, so I am hoping that is ok, and we did not lose any critical information from that first scan log.

 

MiniToolbox

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Bruce (administrator) on 19-08-2013 at 18:07:37
Running from "C:\Users\Bruce\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Notebook
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 0C-EE-E6-C7-EF-E7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::85a:d8cc:29e4:ab9e%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, August 19, 2013 9:59:33 AM
   Lease Expires . . . . . . . . . . : Tuesday, August 20, 2013 5:55:42 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 302837478
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-97-19-E0-00-26-2D-B0-B9-C3
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-26-2D-B0-B9-C3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{453F1C55-72D7-4205-9093-4FC5B6DA70A1}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2c47:2db3:b3ee:55f3(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2c47:2db3:b3ee:55f3%32(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{53F235B8-CEE0-465C-8A0D-1008B3A53799}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Reusable ISATAP Interface {E595B8C2-1897-4A88-9230-1BDDC65CD823}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4009:804::1008
 74.125.225.40
 74.125.225.46
 74.125.225.35
 74.125.225.33
 74.125.225.36
 74.125.225.32
 74.125.225.41
 74.125.225.38
 74.125.225.39
 74.125.225.34
 74.125.225.37
 
 
Pinging google.com [74.125.225.134] with 32 bytes of data:
Reply from 74.125.225.134: bytes=32 time=21ms TTL=54
Reply from 74.125.225.134: bytes=32 time=23ms TTL=54
 
Ping statistics for 74.125.225.134:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 21ms, Maximum = 23ms, Average = 22ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=41ms TTL=50
Reply from 98.138.253.109: bytes=32 time=40ms TTL=50
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 40ms, Maximum = 41ms, Average = 40ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=12ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 12ms, Average = 8ms
===========================================================================
Interface List
 11...0c ee e6 c7 ef e7 ......Atheros AR9285 802.11b/g/n WiFi Adapter
 10...00 26 2d b0 b9 c3 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 32...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    281
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 32     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 32     58 2001::/32                On-link
 32    306 2001:0:9d38:953c:2c47:2db3:b3ee:55f3/128
                                    On-link
 11    281 fe80::/64                On-link
 32    306 fe80::/64                On-link
 11    281 fe80::85a:d8cc:29e4:ab9e/128
                                    On-link
 32    306 fe80::2c47:2db3:b3ee:55f3/128
                                    On-link
  1    306 ff00::/8                 On-link
 32    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/18/2013 10:42:55 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (08/17/2013 08:57:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: ComcastAntiSpyService.exe, version: 1.0.0.51, time stamp: 0x2a425e19
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x000485fe
Faulting process id: 0x774
Faulting application start time: 0xComcastAntiSpyService.exe0
Faulting application path: ComcastAntiSpyService.exe1
Faulting module path: ComcastAntiSpyService.exe2
Report Id: ComcastAntiSpyService.exe3
 
Error: (08/13/2013 10:28:06 AM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.75.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1430
 
Start Time: 01ce983987258d0a
 
Termination Time: 68
 
Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
 
Report Id: e7f8c6f7-042c-11e3-a9b6-00038a000015
 
Error: (08/13/2013 10:14:53 AM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16635, time stamp: 0x51b7a921
Faulting module name: muvee2l2ad.ax, version: 7.4.0.34713, time stamp: 0x48cfb678
Exception code: 0xc0000005
Fault offset: 0x00004c9a
Faulting process id: 0xa48
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (08/13/2013 10:13:38 AM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (08/13/2013 09:23:09 AM) (Source: Application Error) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program ComcastAntiSpyService.exe because of this error.
 
Program: ComcastAntiSpyService.exe
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: 00000000
Disk type: 0
 
Error: (08/13/2013 09:23:09 AM) (Source: Application Error) (User: )
Description: Faulting application name: ComcastAntiSpyService.exe, version: 1.0.0.51, time stamp: 0x2a425e19
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000096
Fault offset: 0x00048665
Faulting process id: 0x6e4
Faulting application start time: 0xComcastAntiSpyService.exe0
Faulting application path: ComcastAntiSpyService.exe1
Faulting module path: ComcastAntiSpyService.exe2
Report Id: ComcastAntiSpyService.exe3
 
Error: (08/10/2013 05:33:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16635, time stamp: 0x51b7a921
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x36f4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (08/07/2013 05:02:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16635, time stamp: 0x51b7a921
Faulting module name: CIDCoreLight.dll, version: 1.8.1.13, time stamp: 0x4b80f209
Exception code: 0x40000015
Fault offset: 0x000c93eb
Faulting process id: 0xbac
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (08/07/2013 05:02:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16635, time stamp: 0x51b7a921
Faulting module name: Solid Savings-bho.dll_unloaded, version: 0.0.0.0, time stamp: 0x51b5cf67
Exception code: 0xc0000005
Fault offset: 0x07690ef1
Faulting process id: 0x145c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
 
System errors:
=============
Error: (08/19/2013 06:08:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
Error: (08/19/2013 06:07:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
Error: (08/19/2013 06:06:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
Error: (08/19/2013 06:05:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
Error: (08/19/2013 06:04:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
Error: (08/19/2013 06:03:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
Error: (08/19/2013 06:02:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
Error: (08/19/2013 06:01:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
Error: (08/19/2013 06:00:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
Error: (08/19/2013 05:59:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 3.5.0.600)
Adobe Digital Editions
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.7) (Version: 10.1.7)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
AOL Uninstaller (Choose which Products to Remove)
Atheros Driver Installation Program (Version: 5.2)
Auslogics Disk Defrag (Version: 3.5)
Bing Bar (Version: 7.2.241.0)
Bridge Baron 14 (Version: 14.00.02)
CA Pest Patrol Realtime Protection (Version: 001.001.0034)
Comcast Desktop Software (v1.2.0.9) (Version: 23)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.98.60.50)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink DVD Suite (Version: 6.0.3101)
CyberLink YouCam (Version: 2.0.3115)
D3DX10 (Version: 15.4.2368.0902)
DJ_AIO_06_F2400_SW_Min (Version: 140.0.690.000)
Driver Whiz (Version: 8.0.1)
Elevated Installer (Version: 2.1.13)
Family Tree Maker 2010 (Version: 19.0.207)
G3 Manager (Version: 1.2.5000)
Garmin Communicator Plugin (Version: 4.0.1)
Garmin Communicator Plugin x64 (Version: 4.0.1)
Garmin Express (Version: 2.1.13)
Garmin Express Tray (Version: 2.1.13)
Garmin Update Service (Version: 2.1.13)
Garmin USB Drivers (Version: 2.3.0.0)
Google Chrome (Version: 28.0.1500.95)
Google Drive (Version: 1.11.4865.2530)
Google Earth (Version: 7.1.1.1888)
Google Quick Search Box (Version: 1.2.1151.245)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.153)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.50)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Advisor (Version: 3.2.8946.3086)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Deskjet 2050 J510 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Help (Version: 140.0.61.61)
HP Deskjet 2050 J510 series Product Improvement Study (Version: 22.50.231.0)
HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6 (Version: 14.0)
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5 (Version: 13.0)
HP DVD Play 3.7 (Version: 3.7.0.6623)
HP Games (Version: 1.0.0.71)
HP Photo Creations (Version: 1.0.0.3781)
HP Print Projects 1.0 (Version: 1.0)
HP Product Detection (Version: 11.14.0001)
HP Product Detection (Version: 11.14.0004)
HP Quick Launch Buttons (Version: 6.50.5.1)
HP Setup (Version: 1.2.3220.3079)
HP Update (Version: 5.005.000.002)
HP User Guides 0156 (Version: 1.02.0001)
HP Wireless Assistant (Version: 3.50.9.1)
HPDiagnosticAlert (Version: 1.00.0000)
hpPrintProjects (Version: 130.0.303.000)
hpWLPGInstaller (Version: 130.0.303.000)
Humana GearSync 1.5.117 (Version: 1.5.117)
Intel® Graphics Media Accelerator Driver
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 16 (Version: 6.0.160)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.1913)
Lexmark 6200 Series
LightScribe System Software (Version: 1.18.6.1)
LogMeIn (Version: 4.1.3268)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Security Scan Plus (Version: 3.0.318.3)
McAfee SiteAdvisor (Version: 3.6.168)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 (Version: 3.0.5305.0)
Move Media Player
Mozy Restore Manager (Version: 2.0.1.529)
MozyHome (Version: 2.18.4.250)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee Reveal (Version: 7.0.40.10061)
Network Password Recovery Wizard
Norton PC Checkup (Version: 3.0.2.122.0)
Norton Security Suite (Version: 20.4.0.40)
Online Backup (Version: 2.33)
OverDrive Media Console (Version: 3.2.5)
Picasa 3 (Version: 3.8)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
QLBCASL (Version: 6.40.17.2)
Quicken 2010 (Version: 19.1.9.16)
Quicken 2013 (Version: 22.1.12.7)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0007)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30093)
Scan (Version: 140.0.80.000)
Skype™ 6.6 (Version: 6.6.106)
Sony RAW Driver (Version: 2.0.00.08130)
SpeedyPC Pro (Version: 3.1.10.0)
Synaptics Pointing Device Driver (Version: 13.2.2.0)
Toolbox (Version: 140.0.428.000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Viewpoint Media Player
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
XFINITY Toolbar (Version: 3.5.1.11)
Yahoo! Detect
Yahoo! Toolbar
 
========================= Memory info: ===================================
 
Percentage of memory in use: 60%
Total physical RAM: 3003.19 MB
Available physical RAM: 1172.44 MB
Total Pagefile: 6004.57 MB
Available Pagefile: 3466.67 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.75 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:285.98 GB) (Free:219.89 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:11.91 GB) (Free:2 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\NOTEBOOK
 
Administrator            Bruce                    Guest                    
LogMeInRemoteUser        
 
 
**** End of log ****
 

TDSSkiller

 

18:09:46.0411 0x0884  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
18:09:47.0033 0x0884  ============================================================
18:09:47.0033 0x0884  Current date / time: 2013/08/19 18:09:47.0033
18:09:47.0033 0x0884  SystemInfo:
18:09:47.0033 0x0884  
18:09:47.0033 0x0884  OS Version: 6.1.7601 ServicePack: 1.0
18:09:47.0033 0x0884  Product type: Workstation
18:09:47.0034 0x0884  ComputerName: NOTEBOOK
18:09:47.0034 0x0884  UserName: Bruce
18:09:47.0034 0x0884  Windows directory: C:\Windows
18:09:47.0034 0x0884  System windows directory: C:\Windows
18:09:47.0034 0x0884  Running under WOW64
18:09:47.0034 0x0884  Processor architecture: Intel x64
18:09:47.0034 0x0884  Number of processors: 2
18:09:47.0034 0x0884  Page size: 0x1000
18:09:47.0034 0x0884  Boot type: Normal boot
18:09:47.0034 0x0884  ============================================================
18:09:50.0200 0x0884  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x1E4843, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x5, Type 'K0', Flags 0x00000040
18:09:50.0255 0x0884  ============================================================
18:09:50.0255 0x0884  \Device\Harddisk0\DR0:
18:09:50.0256 0x0884  MBR partitions:
18:09:50.0256 0x0884  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:09:50.0256 0x0884  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23BF8000
18:09:50.0256 0x0884  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23C5C000, BlocksNum 0x17D2000
18:09:50.0256 0x0884  ============================================================
18:09:50.0306 0x0884  C: <-> \Device\Harddisk0\DR0\Partition2
18:09:50.0355 0x0884  D: <-> \Device\Harddisk0\DR0\Partition3
18:09:50.0436 0x0884  ============================================================
18:09:50.0436 0x0884  Initialize success
18:09:50.0436 0x0884  ============================================================
18:10:32.0347 0x0a28  ============================================================
18:10:32.0347 0x0a28  Scan started
18:10:32.0347 0x0a28  Mode: Manual; TDLFS; 
18:10:32.0347 0x0a28  ============================================================
18:10:35.0240 0x0a28  ================ Scan system memory ========================
18:10:35.0240 0x0a28  System memory - ok
18:10:35.0242 0x0a28  ================ Scan services =============================
18:10:36.0599 0x0a28  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:10:36.0604 0x0a28  1394ohci - ok
18:10:36.0680 0x0a28  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:10:36.0724 0x0a28  ACPI - ok
18:10:36.0783 0x0a28  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:10:36.0785 0x0a28  AcpiPmi - ok
18:10:36.0937 0x0a28  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:10:36.0940 0x0a28  AdobeARMservice - ok
18:10:37.0172 0x0a28  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:10:37.0175 0x0a28  AdobeFlashPlayerUpdateSvc - ok
18:10:37.0290 0x0a28  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:10:37.0316 0x0a28  adp94xx - ok
18:10:37.0379 0x0a28  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:10:37.0386 0x0a28  adpahci - ok
18:10:37.0423 0x0a28  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:10:37.0428 0x0a28  adpu320 - ok
18:10:37.0453 0x0a28  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:10:37.0454 0x0a28  AeLookupSvc - ok
18:10:37.0502 0x0a28  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:10:37.0510 0x0a28  AFD - ok
18:10:37.0545 0x0a28  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:10:37.0547 0x0a28  agp440 - ok
18:10:37.0568 0x0a28  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:10:37.0571 0x0a28  ALG - ok
18:10:37.0605 0x0a28  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:10:37.0607 0x0a28  aliide - ok
18:10:37.0625 0x0a28  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:10:37.0629 0x0a28  amdide - ok
18:10:37.0671 0x0a28  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:10:37.0673 0x0a28  AmdK8 - ok
18:10:37.0699 0x0a28  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:10:37.0702 0x0a28  AmdPPM - ok
18:10:37.0728 0x0a28  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:10:37.0732 0x0a28  amdsata - ok
18:10:37.0765 0x0a28  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:10:37.0770 0x0a28  amdsbs - ok
18:10:37.0790 0x0a28  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:10:37.0793 0x0a28  amdxata - ok
18:10:37.0988 0x0a28  [ F9DAC844B1D370DA4C984D4C22F5E696 ] AntiSpywareService C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
18:10:37.0995 0x0a28  AntiSpywareService - ok
18:10:38.0160 0x0a28  [ 85180CF88C5EBAD73B452A43A004CA51 ] AOL ACS         C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
18:10:38.0168 0x0a28  AOL ACS - ok
18:10:38.0230 0x0a28  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:10:38.0239 0x0a28  AppID - ok
18:10:38.0309 0x0a28  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:10:38.0316 0x0a28  AppIDSvc - ok
18:10:38.0387 0x0a28  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
18:10:38.0393 0x0a28  Appinfo - ok
18:10:38.0479 0x0a28  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:10:38.0483 0x0a28  arc - ok
18:10:38.0517 0x0a28  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:10:38.0526 0x0a28  arcsas - ok
18:10:38.0956 0x0a28  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:10:38.0959 0x0a28  aspnet_state - ok
18:10:39.0100 0x0a28  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:10:39.0110 0x0a28  AsyncMac - ok
18:10:39.0145 0x0a28  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:10:39.0147 0x0a28  atapi - ok
18:10:39.0412 0x0a28  [ 38562A6A9CB10844759EAF2B01A7FCD3 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
18:10:39.0480 0x0a28  athr - ok
18:10:39.0710 0x0a28  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:10:39.0735 0x0a28  AudioEndpointBuilder - ok
18:10:39.0774 0x0a28  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:10:39.0782 0x0a28  AudioSrv - ok
18:10:39.0885 0x0a28  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:10:39.0892 0x0a28  AxInstSV - ok
18:10:40.0044 0x0a28  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:10:40.0069 0x0a28  b06bdrv - ok
18:10:40.0157 0x0a28  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:10:40.0199 0x0a28  b57nd60a - ok
18:10:40.0422 0x0a28  [ 369C1928C9BBED65C9E347448BD376B0 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
18:10:40.0424 0x0a28  BBSvc - ok
18:10:40.0597 0x0a28  [ 54949AFAC5CE6FA2E4D7846D4362BAB3 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
18:10:40.0601 0x0a28  BBUpdate - ok
18:10:40.0702 0x0a28  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:10:40.0712 0x0a28  BDESVC - ok
18:10:40.0780 0x0a28  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:10:40.0786 0x0a28  Beep - ok
18:10:40.0976 0x0a28  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:10:41.0057 0x0a28  BFE - ok
18:10:41.0782 0x0a28  [ 6E10DB69DB1AA96207F4B14B18FF12F8 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys
18:10:41.0839 0x0a28  BHDrvx64 - ok
18:10:41.0976 0x0a28  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
18:10:42.0043 0x0a28  BITS - ok
18:10:42.0111 0x0a28  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:10:42.0115 0x0a28  blbdrive - ok
18:10:42.0201 0x0a28  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:10:42.0220 0x0a28  bowser - ok
18:10:42.0283 0x0a28  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:10:42.0286 0x0a28  BrFiltLo - ok
18:10:42.0310 0x0a28  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:10:42.0314 0x0a28  BrFiltUp - ok
18:10:42.0359 0x0a28  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:10:42.0437 0x0a28  Browser - ok
18:10:42.0466 0x0a28  BrowserDefendert - ok
18:10:42.0505 0x0a28  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:10:42.0531 0x0a28  Brserid - ok
18:10:42.0561 0x0a28  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:10:42.0563 0x0a28  BrSerWdm - ok
18:10:42.0590 0x0a28  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:10:42.0592 0x0a28  BrUsbMdm - ok
18:10:42.0614 0x0a28  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:10:42.0617 0x0a28  BrUsbSer - ok
18:10:42.0637 0x0a28  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:10:42.0639 0x0a28  BTHMODEM - ok
18:10:42.0663 0x0a28  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:10:42.0667 0x0a28  bthserv - ok
18:10:42.0719 0x0a28  [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL        C:\Windows\system32\DRIVERS\CAXHWAZL.sys
18:10:42.0725 0x0a28  CAXHWAZL - ok
18:10:42.0813 0x0a28  [ 56685951208AC81CF923B9B08BEDF3B7 ] ccSet_N360      C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys
18:10:42.0819 0x0a28  ccSet_N360 - ok
18:10:42.0851 0x0a28  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:10:42.0854 0x0a28  cdfs - ok
18:10:42.0905 0x0a28  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:10:42.0910 0x0a28  cdrom - ok
18:10:42.0938 0x0a28  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:10:42.0940 0x0a28  CertPropSvc - ok
18:10:42.0969 0x0a28  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:10:42.0971 0x0a28  circlass - ok
18:10:43.0003 0x0a28  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:10:43.0009 0x0a28  CLFS - ok
18:10:43.0063 0x0a28  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:10:43.0066 0x0a28  clr_optimization_v2.0.50727_32 - ok
18:10:43.0184 0x0a28  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:10:43.0188 0x0a28  clr_optimization_v2.0.50727_64 - ok
18:10:43.0261 0x0a28  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:10:43.0263 0x0a28  clr_optimization_v4.0.30319_32 - ok
18:10:43.0289 0x0a28  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:10:43.0291 0x0a28  clr_optimization_v4.0.30319_64 - ok
18:10:43.0333 0x0a28  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:10:43.0335 0x0a28  CmBatt - ok
18:10:43.0363 0x0a28  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:10:43.0365 0x0a28  cmdide - ok
18:10:43.0402 0x0a28  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
18:10:43.0410 0x0a28  CNG - ok
18:10:43.0470 0x0a28  [ A44DFDB81DC62B11760881175E5B2266 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
18:10:43.0492 0x0a28  CnxtHdAudService - ok
18:10:43.0585 0x0a28  [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx       C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
18:10:43.0591 0x0a28  Com4QLBEx - ok
18:10:43.0620 0x0a28  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:10:43.0624 0x0a28  Compbatt - ok
18:10:43.0660 0x0a28  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:10:43.0663 0x0a28  CompositeBus - ok
18:10:43.0680 0x0a28  COMSysApp - ok
18:10:43.0697 0x0a28  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:10:43.0700 0x0a28  crcdisk - ok
18:10:43.0733 0x0a28  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:10:43.0738 0x0a28  CryptSvc - ok
18:10:43.0789 0x0a28  [ BA25D4B9B067248F7CAC416E855D706B ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
18:10:43.0792 0x0a28  dc3d - ok
18:10:43.0831 0x0a28  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:10:43.0840 0x0a28  DcomLaunch - ok
18:10:43.0876 0x0a28  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:10:43.0881 0x0a28  defragsvc - ok
18:10:43.0903 0x0a28  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:10:43.0906 0x0a28  DfsC - ok
18:10:43.0943 0x0a28  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:10:43.0949 0x0a28  Dhcp - ok
18:10:43.0975 0x0a28  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:10:43.0976 0x0a28  discache - ok
18:10:44.0022 0x0a28  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:10:44.0026 0x0a28  Disk - ok
18:10:44.0057 0x0a28  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:10:44.0062 0x0a28  Dnscache - ok
18:10:44.0092 0x0a28  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:10:44.0097 0x0a28  dot3svc - ok
18:10:44.0150 0x0a28  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
18:10:44.0156 0x0a28  Dot4 - ok
18:10:44.0197 0x0a28  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
18:10:44.0199 0x0a28  Dot4Print - ok
18:10:44.0223 0x0a28  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
18:10:44.0226 0x0a28  dot4usb - ok
18:10:44.0256 0x0a28  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:10:44.0260 0x0a28  DPS - ok
18:10:44.0283 0x0a28  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:10:44.0286 0x0a28  drmkaud - ok
18:10:44.0334 0x0a28  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:10:44.0368 0x0a28  DXGKrnl - ok
18:10:44.0421 0x0a28  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:10:44.0425 0x0a28  EapHost - ok
18:10:44.0543 0x0a28  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:10:44.0644 0x0a28  ebdrv - ok
18:10:44.0711 0x0a28  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:10:44.0719 0x0a28  eeCtrl - ok
18:10:44.0748 0x0a28  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:10:44.0751 0x0a28  EFS - ok
18:10:44.0801 0x0a28  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:10:44.0826 0x0a28  ehRecvr - ok
18:10:44.0865 0x0a28  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:10:44.0869 0x0a28  ehSched - ok
18:10:44.0922 0x0a28  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:10:44.0931 0x0a28  elxstor - ok
18:10:44.0974 0x0a28  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:10:44.0977 0x0a28  EraserUtilRebootDrv - ok
18:10:45.0005 0x0a28  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:10:45.0007 0x0a28  ErrDev - ok
18:10:45.0068 0x0a28  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:10:45.0075 0x0a28  EventSystem - ok
18:10:45.0115 0x0a28  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:10:45.0120 0x0a28  exfat - ok
18:10:45.0142 0x0a28  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:10:45.0147 0x0a28  fastfat - ok
18:10:45.0207 0x0a28  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:10:45.0220 0x0a28  Fax - ok
18:10:45.0253 0x0a28  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:10:45.0255 0x0a28  fdc - ok
18:10:45.0287 0x0a28  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:10:45.0289 0x0a28  fdPHost - ok
18:10:45.0306 0x0a28  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:10:45.0308 0x0a28  FDResPub - ok
18:10:45.0325 0x0a28  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:10:45.0328 0x0a28  FileInfo - ok
18:10:45.0344 0x0a28  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:10:45.0347 0x0a28  Filetrace - ok
18:10:45.0366 0x0a28  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:10:45.0368 0x0a28  flpydisk - ok
18:10:45.0403 0x0a28  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:10:45.0410 0x0a28  FltMgr - ok
18:10:45.0474 0x0a28  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
18:10:45.0510 0x0a28  FontCache - ok
18:10:45.0577 0x0a28  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:10:45.0580 0x0a28  FontCache3.0.0.0 - ok
18:10:45.0620 0x0a28  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:10:45.0623 0x0a28  FsDepends - ok
18:10:45.0670 0x0a28  [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:10:45.0673 0x0a28  fssfltr - ok
18:10:45.0797 0x0a28  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:10:45.0853 0x0a28  fsssvc - ok
18:10:45.0893 0x0a28  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:10:45.0895 0x0a28  Fs_Rec - ok
18:10:45.0939 0x0a28  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:10:45.0943 0x0a28  fvevol - ok
18:10:45.0975 0x0a28  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:10:45.0978 0x0a28  gagp30kx - ok
18:10:46.0035 0x0a28  [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
18:10:46.0041 0x0a28  GameConsoleService - ok
18:10:46.0133 0x0a28  [ 2973B4EB7BE10A0D491B2037DCAAE88F ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
18:10:46.0135 0x0a28  Garmin Core Update Service - ok
18:10:46.0190 0x0a28  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:10:46.0214 0x0a28  gpsvc - ok
18:10:46.0263 0x0a28  [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
18:10:46.0265 0x0a28  grmnusb - ok
18:10:46.0354 0x0a28  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:10:46.0356 0x0a28  gupdate - ok
18:10:46.0374 0x0a28  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:10:46.0375 0x0a28  gupdatem - ok
18:10:46.0605 0x0a28  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:10:46.0612 0x0a28  gusvc - ok
18:10:46.0632 0x0a28  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:10:46.0636 0x0a28  hcw85cir - ok
18:10:46.0686 0x0a28  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:10:46.0693 0x0a28  HdAudAddService - ok
18:10:46.0731 0x0a28  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:10:46.0739 0x0a28  HDAudBus - ok
18:10:46.0775 0x0a28  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:10:46.0878 0x0a28  HidBatt - ok
18:10:47.0078 0x0a28  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:10:47.0089 0x0a28  HidBth - ok
18:10:47.0297 0x0a28  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:10:47.0345 0x0a28  HidIr - ok
18:10:47.0381 0x0a28  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
18:10:47.0383 0x0a28  hidserv - ok
18:10:47.0430 0x0a28  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:10:47.0433 0x0a28  HidUsb - ok
18:10:47.0468 0x0a28  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:10:47.0471 0x0a28  hkmsvc - ok
18:10:47.0507 0x0a28  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:10:47.0512 0x0a28  HomeGroupListener - ok
18:10:47.0544 0x0a28  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:10:47.0550 0x0a28  HomeGroupProvider - ok
18:10:47.0583 0x0a28  [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
18:10:47.0586 0x0a28  HpqKbFiltr - ok
18:10:47.0628 0x0a28  [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
18:10:47.0632 0x0a28  hpqwmiex - ok
18:10:47.0665 0x0a28  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:10:47.0668 0x0a28  HpSAMD - ok
18:10:47.0781 0x0a28  [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
18:10:47.0789 0x0a28  HsfXAudioService - ok
18:10:47.0845 0x0a28  [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV         C:\Windows\system32\DRIVERS\CAX_DPV.sys
18:10:47.0895 0x0a28  HSF_DPV - ok
18:10:47.0941 0x0a28  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:10:47.0952 0x0a28  HTTP - ok
18:10:47.0990 0x0a28  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:10:47.0991 0x0a28  hwpolicy - ok
18:10:48.0026 0x0a28  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:10:48.0029 0x0a28  i8042prt - ok
18:10:48.0087 0x0a28  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:10:48.0096 0x0a28  iaStorV - ok
18:10:48.0160 0x0a28  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:10:48.0164 0x0a28  IDriverT - ok
18:10:48.0226 0x0a28  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:10:48.0250 0x0a28  idsvc - ok
18:10:48.0518 0x0a28  [ A1258065E8B16E23E2AFDE72FB5559BC ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130814.002\IDSvia64.sys
18:10:48.0528 0x0a28  IDSVia64 - ok
18:10:49.0590 0x0a28  [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:10:49.0848 0x0a28  igfx - ok
18:10:49.0881 0x0a28  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:10:49.0884 0x0a28  iirsp - ok
18:10:50.0353 0x0a28  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:10:50.0383 0x0a28  IKEEXT - ok
18:10:50.0466 0x0a28  [ D485D3BD3E2179AA86853A182F70699F ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
18:10:50.0471 0x0a28  IntcHdmiAddService - ok
18:10:50.0485 0x0a28  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:10:50.0489 0x0a28  intelide - ok
18:10:50.0517 0x0a28  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:10:50.0531 0x0a28  intelppm - ok
18:10:50.0560 0x0a28  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:10:50.0564 0x0a28  IPBusEnum - ok
18:10:50.0608 0x0a28  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:10:50.0613 0x0a28  IpFilterDriver - ok
18:10:50.0657 0x0a28  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:10:50.0667 0x0a28  iphlpsvc - ok
18:10:50.0700 0x0a28  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:10:50.0703 0x0a28  IPMIDRV - ok
18:10:50.0731 0x0a28  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:10:50.0735 0x0a28  IPNAT - ok
18:10:50.0755 0x0a28  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:10:50.0758 0x0a28  IRENUM - ok
18:10:50.0792 0x0a28  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:10:50.0795 0x0a28  isapnp - ok
18:10:50.0829 0x0a28  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:10:50.0835 0x0a28  iScsiPrt - ok
18:10:50.0924 0x0a28  [ 54F694C6CD3A1149BA3A8BDACC83BADC ] ITMRTSVC        C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe
18:10:50.0931 0x0a28  ITMRTSVC - ok
18:10:50.0959 0x0a28  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:10:50.0963 0x0a28  kbdclass - ok
18:10:51.0007 0x0a28  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:10:51.0009 0x0a28  kbdhid - ok
18:10:51.0031 0x0a28  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:10:51.0033 0x0a28  KeyIso - ok
18:10:51.0070 0x0a28  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:10:51.0074 0x0a28  KSecDD - ok
18:10:51.0103 0x0a28  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:10:51.0108 0x0a28  KSecPkg - ok
18:10:51.0141 0x0a28  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:10:51.0143 0x0a28  ksthunk - ok
18:10:51.0212 0x0a28  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:10:51.0244 0x0a28  KtmRm - ok
18:10:51.0303 0x0a28  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:10:51.0309 0x0a28  LanmanServer - ok
18:10:51.0343 0x0a28  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:10:51.0347 0x0a28  LanmanWorkstation - ok
18:10:51.0392 0x0a28  [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
18:10:51.0394 0x0a28  LightScribeService - ok
18:10:51.0429 0x0a28  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:10:51.0431 0x0a28  lltdio - ok
18:10:51.0462 0x0a28  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:10:51.0468 0x0a28  lltdsvc - ok
18:10:51.0477 0x0a28  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:10:51.0480 0x0a28  lmhosts - ok
18:10:51.0582 0x0a28  [ 8F2CFF01F12955477450DA5E572D4001 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
18:10:51.0587 0x0a28  LMIGuardianSvc - ok
18:10:51.0608 0x0a28  [ 0F28935ECF1FBDEC22BAF720A5A94564 ] LMIInfo         C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
18:10:51.0611 0x0a28  LMIInfo - ok
18:10:51.0634 0x0a28  [ CA86C7042E406070B905AE6CA45D22EA ] LMIMaint        C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
18:10:51.0639 0x0a28  LMIMaint - ok
18:10:51.0659 0x0a28  [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
18:10:51.0661 0x0a28  lmimirr - ok
18:10:51.0677 0x0a28  LMIRfsClientNP - ok
18:10:51.0697 0x0a28  [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
18:10:51.0700 0x0a28  LMIRfsDriver - ok
18:10:51.0721 0x0a28  [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn         C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
18:10:51.0725 0x0a28  LogMeIn - ok
18:10:51.0771 0x0a28  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:10:51.0774 0x0a28  LSI_FC - ok
18:10:51.0809 0x0a28  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:10:51.0812 0x0a28  LSI_SAS - ok
18:10:51.0831 0x0a28  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:10:51.0834 0x0a28  LSI_SAS2 - ok
18:10:51.0863 0x0a28  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:10:51.0866 0x0a28  LSI_SCSI - ok
18:10:51.0914 0x0a28  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:10:51.0917 0x0a28  luafv - ok
18:10:51.0960 0x0a28  lxbu_device - ok
18:10:51.0995 0x0a28  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:10:51.0997 0x0a28  MBAMProtector - ok
18:10:52.0066 0x0a28  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:10:52.0069 0x0a28  MBAMScheduler - ok
18:10:52.0117 0x0a28  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:10:52.0122 0x0a28  MBAMService - ok
18:10:52.0219 0x0a28  [ 0F8FE97E6B8F4566518469A1A9738C6D ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
18:10:52.0221 0x0a28  McAfee SiteAdvisor Service - ok
18:10:52.0359 0x0a28  [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
18:10:52.0362 0x0a28  McComponentHostService - ok
18:10:52.0452 0x0a28  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:10:52.0458 0x0a28  Mcx2Svc - ok
18:10:52.0481 0x0a28  [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
18:10:52.0484 0x0a28  mdmxsdk - ok
18:10:52.0503 0x0a28  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:10:52.0505 0x0a28  megasas - ok
18:10:52.0537 0x0a28  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:10:52.0543 0x0a28  MegaSR - ok
18:10:52.0569 0x0a28  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:10:52.0571 0x0a28  MMCSS - ok
18:10:52.0603 0x0a28  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:10:52.0606 0x0a28  Modem - ok
18:10:52.0635 0x0a28  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:10:52.0637 0x0a28  monitor - ok
18:10:52.0664 0x0a28  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:10:52.0666 0x0a28  mouclass - ok
18:10:52.0697 0x0a28  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:10:52.0699 0x0a28  mouhid - ok
18:10:52.0724 0x0a28  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:10:52.0727 0x0a28  mountmgr - ok
18:10:52.0811 0x0a28  [ 82A4B602578DEDF49343EFA622AFBB61 ] mozybackup      C:\Program Files\MozyHome\mozybackup.exe
18:10:52.0812 0x0a28  mozybackup - ok
18:10:52.0844 0x0a28  [ E7B36791858FA16D1D90E095898724E1 ] mozyFilter      C:\Windows\system32\DRIVERS\mozy.sys
18:10:52.0846 0x0a28  mozyFilter - ok
18:10:52.0872 0x0a28  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:10:52.0875 0x0a28  mpio - ok
18:10:52.0906 0x0a28  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:10:52.0909 0x0a28  mpsdrv - ok
18:10:52.0961 0x0a28  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:10:52.0995 0x0a28  MpsSvc - ok
18:10:53.0025 0x0a28  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:10:53.0029 0x0a28  MRxDAV - ok
18:10:53.0055 0x0a28  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:10:53.0059 0x0a28  mrxsmb - ok
18:10:53.0094 0x0a28  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:10:53.0100 0x0a28  mrxsmb10 - ok
18:10:53.0115 0x0a28  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:10:53.0119 0x0a28  mrxsmb20 - ok
18:10:53.0133 0x0a28  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:10:53.0135 0x0a28  msahci - ok
18:10:53.0151 0x0a28  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:10:53.0155 0x0a28  msdsm - ok
18:10:53.0181 0x0a28  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:10:53.0186 0x0a28  MSDTC - ok
18:10:53.0232 0x0a28  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:10:53.0234 0x0a28  Msfs - ok
18:10:53.0250 0x0a28  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:10:53.0252 0x0a28  mshidkmdf - ok
18:10:53.0264 0x0a28  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:10:53.0267 0x0a28  msisadrv - ok
18:10:53.0306 0x0a28  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:10:53.0311 0x0a28  MSiSCSI - ok
18:10:53.0323 0x0a28  msiserver - ok
18:10:53.0342 0x0a28  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:10:53.0345 0x0a28  MSKSSRV - ok
18:10:53.0360 0x0a28  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:10:53.0363 0x0a28  MSPCLOCK - ok
18:10:53.0384 0x0a28  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:10:53.0386 0x0a28  MSPQM - ok
18:10:53.0416 0x0a28  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:10:53.0423 0x0a28  MsRPC - ok
18:10:53.0438 0x0a28  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:10:53.0440 0x0a28  mssmbios - ok
18:10:53.0478 0x0a28  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:10:53.0481 0x0a28  MSTEE - ok
18:10:53.0498 0x0a28  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:10:53.0500 0x0a28  MTConfig - ok
18:10:53.0525 0x0a28  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:10:53.0528 0x0a28  Mup - ok
18:10:53.0682 0x0a28  [ 1BF9D6476061B31CD7FC2BF848529A56 ] N360            C:\Program Files (x86)\Norton Security Suite\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
18:10:53.0687 0x0a28  N360 - ok
18:10:53.0729 0x0a28  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:10:53.0737 0x0a28  napagent - ok
18:10:53.0784 0x0a28  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:10:53.0790 0x0a28  NativeWifiP - ok
18:10:53.0874 0x0a28  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130819.017\ENG64.SYS
18:10:53.0877 0x0a28  NAVENG - ok
18:10:53.0947 0x0a28  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130819.017\EX64.SYS
18:10:53.0970 0x0a28  NAVEX15 - ok
18:10:54.0016 0x0a28  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:10:54.0051 0x0a28  NDIS - ok
18:10:54.0087 0x0a28  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:10:54.0090 0x0a28  NdisCap - ok
18:10:54.0106 0x0a28  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:10:54.0109 0x0a28  NdisTapi - ok
18:10:54.0162 0x0a28  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:10:54.0165 0x0a28  Ndisuio - ok
18:10:54.0202 0x0a28  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:10:54.0206 0x0a28  NdisWan - ok
18:10:54.0240 0x0a28  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:10:54.0243 0x0a28  NDProxy - ok
18:10:54.0295 0x0a28  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:10:54.0298 0x0a28  Net Driver HPZ12 - ok
18:10:54.0326 0x0a28  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:10:54.0328 0x0a28  NetBIOS - ok
18:10:54.0359 0x0a28  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:10:54.0364 0x0a28  NetBT - ok
18:10:54.0377 0x0a28  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:10:54.0379 0x0a28  Netlogon - ok
18:10:54.0430 0x0a28  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:10:54.0438 0x0a28  Netman - ok
18:10:54.0509 0x0a28  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:10:54.0514 0x0a28  NetMsmqActivator - ok
18:10:54.0524 0x0a28  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:10:54.0529 0x0a28  NetPipeActivator - ok
18:10:54.0559 0x0a28  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:10:54.0567 0x0a28  netprofm - ok
18:10:54.0580 0x0a28  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:10:54.0582 0x0a28  NetTcpActivator - ok
18:10:54.0593 0x0a28  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:10:54.0595 0x0a28  NetTcpPortSharing - ok
18:10:54.0762 0x0a28  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
18:10:54.0905 0x0a28  netw5v64 - ok
18:10:54.0941 0x0a28  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:10:54.0943 0x0a28  nfrd960 - ok
18:10:54.0988 0x0a28  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:10:54.0995 0x0a28  NlaSvc - ok
18:10:55.0034 0x0a28  Norton PC Checkup Application Launcher - ok
18:10:55.0061 0x0a28  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:10:55.0064 0x0a28  Npfs - ok
18:10:55.0094 0x0a28  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:10:55.0097 0x0a28  nsi - ok
18:10:55.0109 0x0a28  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:10:55.0110 0x0a28  nsiproxy - ok
18:10:55.0179 0x0a28  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:10:55.0226 0x0a28  Ntfs - ok
18:10:55.0273 0x0a28  [ 189B73C24B70641C0E7ECBB866E0B1E5 ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
18:10:55.0277 0x0a28  NuidFltr - ok
18:10:55.0304 0x0a28  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:10:55.0306 0x0a28  Null - ok
18:10:55.0340 0x0a28  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:10:55.0344 0x0a28  nvraid - ok
18:10:55.0381 0x0a28  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:10:55.0385 0x0a28  nvstor - ok
18:10:55.0411 0x0a28  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:10:55.0414 0x0a28  nv_agp - ok
18:10:55.0478 0x0a28  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:10:55.0488 0x0a28  odserv - ok
18:10:55.0520 0x0a28  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:10:55.0523 0x0a28  ohci1394 - ok
18:10:55.0581 0x0a28  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:10:55.0584 0x0a28  ose - ok
18:10:55.0617 0x0a28  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:10:55.0624 0x0a28  p2pimsvc - ok
18:10:55.0645 0x0a28  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:10:55.0654 0x0a28  p2psvc - ok
18:10:55.0680 0x0a28  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:10:55.0683 0x0a28  Parport - ok
18:10:55.0709 0x0a28  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:10:55.0711 0x0a28  partmgr - ok
18:10:55.0779 0x0a28  [ 92252EC5A6EA57A0A0C4D5615D5C088E ] PasscapeLoader  C:\Program Files (x86)\Passcape\NPRW\loader.exe
18:10:55.0781 0x0a28  PasscapeLoader - ok
18:10:55.0805 0x0a28  [ 6BCB5D8D98E63C681734B316B60EC8BF ] PasscapeLoader64 C:\Program Files (x86)\Passcape\NPRW\loader64.exe
18:10:55.0808 0x0a28  PasscapeLoader64 - ok
18:10:55.0834 0x0a28  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:10:55.0839 0x0a28  PcaSvc - ok
18:10:55.0863 0x0a28  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:10:55.0867 0x0a28  pci - ok
18:10:55.0898 0x0a28  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:10:55.0900 0x0a28  pciide - ok
18:10:55.0935 0x0a28  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:10:55.0940 0x0a28  pcmcia - ok
18:10:55.0974 0x0a28  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:10:55.0976 0x0a28  pcw - ok
18:10:56.0004 0x0a28  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:10:56.0014 0x0a28  PEAUTH - ok
18:10:56.0099 0x0a28  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:10:56.0103 0x0a28  PerfHost - ok
18:10:56.0199 0x0a28  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:10:56.0247 0x0a28  pla - ok
18:10:56.0285 0x0a28  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:10:56.0293 0x0a28  PlugPlay - ok
18:10:56.0325 0x0a28  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:10:56.0328 0x0a28  Pml Driver HPZ12 - ok
18:10:56.0352 0x0a28  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:10:56.0355 0x0a28  PNRPAutoReg - ok
18:10:56.0376 0x0a28  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:10:56.0380 0x0a28  PNRPsvc - ok
18:10:56.0413 0x0a28  [ 34A8FAE065249F85A67A3215FF5ECB34 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
18:10:56.0415 0x0a28  Point64 - ok
18:10:56.0447 0x0a28  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:10:56.0455 0x0a28  PolicyAgent - ok
18:10:56.0493 0x0a28  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:10:56.0499 0x0a28  Power - ok
18:10:56.0527 0x0a28  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:10:56.0530 0x0a28  PptpMiniport - ok
18:10:56.0565 0x0a28  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:10:56.0568 0x0a28  Processor - ok
18:10:56.0602 0x0a28  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:10:56.0607 0x0a28  ProfSvc - ok
18:10:56.0622 0x0a28  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:10:56.0624 0x0a28  ProtectedStorage - ok
18:10:56.0667 0x0a28  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:10:56.0670 0x0a28  Psched - ok
18:10:56.0734 0x0a28  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:10:56.0779 0x0a28  ql2300 - ok
18:10:56.0800 0x0a28  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:10:56.0803 0x0a28  ql40xx - ok
18:10:56.0833 0x0a28  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:10:56.0839 0x0a28  QWAVE - ok
18:10:56.0865 0x0a28  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:10:56.0869 0x0a28  QWAVEdrv - ok
18:10:56.0885 0x0a28  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:10:56.0888 0x0a28  RasAcd - ok
18:10:56.0927 0x0a28  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:10:56.0930 0x0a28  RasAgileVpn - ok
18:10:56.0951 0x0a28  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:10:56.0956 0x0a28  RasAuto - ok
18:10:56.0990 0x0a28  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:10:56.0994 0x0a28  Rasl2tp - ok
18:10:57.0047 0x0a28  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:10:57.0054 0x0a28  RasMan - ok
18:10:57.0075 0x0a28  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:10:57.0078 0x0a28  RasPppoe - ok
18:10:57.0095 0x0a28  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:10:57.0100 0x0a28  RasSstp - ok
18:10:57.0134 0x0a28  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:10:57.0140 0x0a28  rdbss - ok
18:10:57.0161 0x0a28  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:10:57.0163 0x0a28  rdpbus - ok
18:10:57.0181 0x0a28  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:10:57.0182 0x0a28  RDPCDD - ok
18:10:57.0216 0x0a28  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:10:57.0217 0x0a28  RDPENCDD - ok
18:10:57.0238 0x0a28  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:10:57.0239 0x0a28  RDPREFMP - ok
18:10:57.0274 0x0a28  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:10:57.0280 0x0a28  RDPWD - ok
18:10:57.0315 0x0a28  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:10:57.0320 0x0a28  rdyboost - ok
18:10:57.0343 0x0a28  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:10:57.0347 0x0a28  RemoteAccess - ok
18:10:57.0384 0x0a28  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:10:57.0390 0x0a28  RemoteRegistry - ok
18:10:57.0662 0x0a28  [ 498EB62A160674E793FA40FD65390625 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:10:57.0666 0x0a28  RichVideo - ok
18:10:57.0698 0x0a28  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:10:57.0701 0x0a28  RpcEptMapper - ok
18:10:57.0721 0x0a28  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:10:57.0724 0x0a28  RpcLocator - ok
18:10:57.0764 0x0a28  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:10:57.0769 0x0a28  RpcSs - ok
18:10:57.0806 0x0a28  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:10:57.0809 0x0a28  rspndr - ok
18:10:57.0849 0x0a28  [ 2DB8116D52B19216812C4E6D5D837810 ] RSUSBSTOR       C:\Windows\System32\Drivers\RtsUStor.sys
18:10:57.0854 0x0a28  RSUSBSTOR - ok
18:10:57.0903 0x0a28  [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:10:57.0908 0x0a28  RTL8167 - ok
18:10:57.0916 0x0a28  RtsUIR - ok
18:10:57.0933 0x0a28  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:10:57.0934 0x0a28  SamSs - ok
18:10:57.0960 0x0a28  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:10:57.0963 0x0a28  sbp2port - ok
18:10:57.0999 0x0a28  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:10:58.0006 0x0a28  SCardSvr - ok
18:10:58.0034 0x0a28  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:10:58.0036 0x0a28  scfilter - ok
18:10:58.0083 0x0a28  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:10:58.0120 0x0a28  Schedule - ok
18:10:58.0147 0x0a28  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:10:58.0149 0x0a28  SCPolicySvc - ok
18:10:58.0175 0x0a28  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
18:10:58.0178 0x0a28  sdbus - ok
18:10:58.0214 0x0a28  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:10:58.0219 0x0a28  SDRSVC - ok
18:10:58.0251 0x0a28  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:10:58.0253 0x0a28  secdrv - ok
18:10:58.0289 0x0a28  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:10:58.0293 0x0a28  seclogon - ok
18:10:58.0326 0x0a28  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:10:58.0329 0x0a28  SENS - ok
18:10:58.0344 0x0a28  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:10:58.0348 0x0a28  SensrSvc - ok
18:10:58.0376 0x0a28  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:10:58.0379 0x0a28  Serenum - ok
18:10:58.0404 0x0a28  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:10:58.0407 0x0a28  Serial - ok
18:10:58.0431 0x0a28  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:10:58.0433 0x0a28  sermouse - ok
18:10:58.0480 0x0a28  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:10:58.0485 0x0a28  SessionEnv - ok
18:10:58.0523 0x0a28  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:10:58.0525 0x0a28  sffdisk - ok
18:10:58.0545 0x0a28  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:10:58.0548 0x0a28  sffp_mmc - ok
18:10:58.0563 0x0a28  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:10:58.0566 0x0a28  sffp_sd - ok
18:10:58.0588 0x0a28  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:10:58.0590 0x0a28  sfloppy - ok
18:10:58.0661 0x0a28  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:10:58.0683 0x0a28  SharedAccess - ok
18:10:58.0717 0x0a28  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:10:58.0725 0x0a28  ShellHWDetection - ok
18:10:58.0757 0x0a28  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:10:58.0760 0x0a28  SiSRaid2 - ok
18:10:58.0800 0x0a28  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:10:58.0803 0x0a28  SiSRaid4 - ok
18:10:58.0875 0x0a28  [ CA058CB8320CF9E3F978D729E55C82CF ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:10:58.0876 0x0a28  SkypeUpdate - ok
18:10:58.0913 0x0a28  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:10:58.0916 0x0a28  Smb - ok
18:10:58.0962 0x0a28  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:10:58.0966 0x0a28  SNMPTRAP - ok
18:10:58.0986 0x0a28  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:10:58.0989 0x0a28  spldr - ok
18:10:59.0029 0x0a28  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:10:59.0040 0x0a28  Spooler - ok
18:10:59.0149 0x0a28  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:10:59.0251 0x0a28  sppsvc - ok
18:10:59.0299 0x0a28  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:10:59.0302 0x0a28  sppuinotify - ok
18:10:59.0393 0x0a28  [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP           C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS
18:10:59.0427 0x0a28  SRTSP - ok
18:10:59.0459 0x0a28  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS
18:10:59.0462 0x0a28  SRTSPX - ok
18:10:59.0503 0x0a28  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:10:59.0513 0x0a28  srv - ok
18:10:59.0543 0x0a28  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:10:59.0550 0x0a28  srv2 - ok
18:10:59.0578 0x0a28  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
18:10:59.0584 0x0a28  SrvHsfHDA - ok
18:10:59.0634 0x0a28  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:10:59.0683 0x0a28  SrvHsfV92 - ok
18:10:59.0727 0x0a28  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:10:59.0749 0x0a28  SrvHsfWinac - ok
18:10:59.0778 0x0a28  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:10:59.0782 0x0a28  srvnet - ok
18:10:59.0828 0x0a28  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:10:59.0833 0x0a28  SSDPSRV - ok
18:10:59.0854 0x0a28  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:10:59.0858 0x0a28  SstpSvc - ok
18:10:59.0886 0x0a28  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:10:59.0888 0x0a28  stexstor - ok
18:10:59.0922 0x0a28  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:10:59.0933 0x0a28  stisvc - ok
18:10:59.0965 0x0a28  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:10:59.0967 0x0a28  swenum - ok
18:10:59.0998 0x0a28  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:11:00.0009 0x0a28  swprv - ok
18:11:00.0061 0x0a28  [ 52DC0048D667757A8A2E4C87182890AC ] SymDS           C:\Windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS
18:11:00.0069 0x0a28  SymDS - ok
18:11:00.0112 0x0a28  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS
18:11:00.0145 0x0a28  SymEFA - ok
18:11:00.0188 0x0a28  [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:11:00.0192 0x0a28  SymEvent - ok
18:11:00.0222 0x0a28  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS
18:11:00.0229 0x0a28  SymIRON - ok
18:11:00.0259 0x0a28  [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS         C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS
18:11:00.0267 0x0a28  SymNetS - ok
18:11:00.0334 0x0a28  [ BCF305959B53B200CEB2AD25AD22F8A7 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:11:00.0341 0x0a28  SynTP - ok
18:11:00.0412 0x0a28  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:11:00.0485 0x0a28  SysMain - ok
18:11:00.0512 0x0a28  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:11:00.0516 0x0a28  TabletInputService - ok
18:11:00.0553 0x0a28  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:11:00.0560 0x0a28  TapiSrv - ok
18:11:00.0590 0x0a28  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:11:00.0594 0x0a28  TBS - ok
18:11:00.0689 0x0a28  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:11:00.0745 0x0a28  Tcpip - ok
18:11:00.0826 0x0a28  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:11:00.0838 0x0a28  TCPIP6 - ok
18:11:00.0882 0x0a28  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:11:00.0884 0x0a28  tcpipreg - ok
18:11:00.0911 0x0a28  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:11:00.0914 0x0a28  TDPIPE - ok
18:11:00.0942 0x0a28  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:11:00.0944 0x0a28  TDTCP - ok
18:11:00.0974 0x0a28  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:11:00.0977 0x0a28  tdx - ok
18:11:01.0012 0x0a28  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:11:01.0014 0x0a28  TermDD - ok
18:11:01.0050 0x0a28  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
18:11:01.0062 0x0a28  TermService - ok
18:11:01.0091 0x0a28  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:11:01.0095 0x0a28  Themes - ok
18:11:01.0121 0x0a28  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:11:01.0123 0x0a28  THREADORDER - ok
18:11:01.0147 0x0a28  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:11:01.0151 0x0a28  TrkWks - ok
18:11:01.0190 0x0a28  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:11:01.0192 0x0a28  TrustedInstaller - ok
18:11:01.0226 0x0a28  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:11:01.0228 0x0a28  tssecsrv - ok
18:11:01.0266 0x0a28  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:11:01.0268 0x0a28  TsUsbFlt - ok
18:11:01.0325 0x0a28  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:11:01.0328 0x0a28  tunnel - ok
18:11:01.0350 0x0a28  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:11:01.0353 0x0a28  uagp35 - ok
18:11:01.0384 0x0a28  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:11:01.0391 0x0a28  udfs - ok
18:11:01.0432 0x0a28  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:11:01.0436 0x0a28  UI0Detect - ok
18:11:01.0473 0x0a28  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:11:01.0475 0x0a28  uliagpkx - ok
18:11:01.0501 0x0a28  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
18:11:01.0503 0x0a28  umbus - ok
18:11:01.0534 0x0a28  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:11:01.0536 0x0a28  UmPass - ok
18:11:01.0562 0x0a28  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:11:01.0570 0x0a28  upnphost - ok
18:11:01.0588 0x0a28  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:11:01.0591 0x0a28  usbccgp - ok
18:11:01.0604 0x0a28  USBCCID - ok
18:11:01.0661 0x0a28  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:11:01.0664 0x0a28  usbcir - ok
18:11:01.0688 0x0a28  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:11:01.0690 0x0a28  usbehci - ok
18:11:01.0721 0x0a28  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:11:01.0727 0x0a28  usbhub - ok
18:11:01.0744 0x0a28  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:11:01.0746 0x0a28  usbohci - ok
18:11:01.0783 0x0a28  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:11:01.0786 0x0a28  usbprint - ok
18:11:01.0823 0x0a28  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:11:01.0825 0x0a28  usbscan - ok
18:11:01.0845 0x0a28  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:11:01.0848 0x0a28  USBSTOR - ok
18:11:01.0867 0x0a28  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:11:01.0870 0x0a28  usbuhci - ok
18:11:01.0905 0x0a28  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:11:01.0909 0x0a28  usbvideo - ok
18:11:01.0944 0x0a28  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:11:01.0947 0x0a28  UxSms - ok
18:11:01.0971 0x0a28  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:11:01.0973 0x0a28  VaultSvc - ok
18:11:01.0984 0x0a28  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:11:01.0987 0x0a28  vdrvroot - ok
18:11:02.0025 0x0a28  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:11:02.0037 0x0a28  vds - ok
18:11:02.0071 0x0a28  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:11:02.0074 0x0a28  vga - ok
18:11:02.0093 0x0a28  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:11:02.0096 0x0a28  VgaSave - ok
18:11:02.0140 0x0a28  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:11:02.0144 0x0a28  vhdmp - ok
18:11:02.0163 0x0a28  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:11:02.0167 0x0a28  viaide - ok
18:11:02.0181 0x0a28  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:11:02.0184 0x0a28  volmgr - ok
18:11:02.0221 0x0a28  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:11:02.0227 0x0a28  volmgrx - ok
18:11:02.0259 0x0a28  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:11:02.0265 0x0a28  volsnap - ok
18:11:02.0304 0x0a28  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:11:02.0308 0x0a28  vsmraid - ok
18:11:02.0368 0x0a28  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:11:02.0413 0x0a28  VSS - ok
18:11:02.0450 0x0a28  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:11:02.0453 0x0a28  vwifibus - ok
18:11:02.0467 0x0a28  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:11:02.0470 0x0a28  vwififlt - ok
18:11:02.0516 0x0a28  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:11:02.0523 0x0a28  W32Time - ok
18:11:02.0547 0x0a28  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:11:02.0550 0x0a28  WacomPen - ok
18:11:02.0591 0x0a28  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:11:02.0594 0x0a28  WANARP - ok
18:11:02.0601 0x0a28  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:11:02.0603 0x0a28  Wanarpv6 - ok
18:11:02.0632 0x0a28  [ ECEB715BECE47E101DDEC06B11126066 ] wanatw          C:\Windows\system32\DRIVERS\wanatw64.sys
18:11:02.0636 0x0a28  wanatw - ok
18:11:02.0775 0x0a28  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:11:02.0820 0x0a28  WatAdminSvc - ok
18:11:02.0879 0x0a28  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:11:02.0929 0x0a28  wbengine - ok
18:11:02.0955 0x0a28  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:11:02.0960 0x0a28  WbioSrvc - ok
18:11:02.0987 0x0a28  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:11:02.0994 0x0a28  wcncsvc - ok
18:11:03.0010 0x0a28  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:11:03.0014 0x0a28  WcsPlugInService - ok
18:11:03.0048 0x0a28  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:11:03.0051 0x0a28  Wd - ok
18:11:03.0090 0x0a28  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:11:03.0113 0x0a28  Wdf01000 - ok
18:11:03.0129 0x0a28  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:11:03.0133 0x0a28  WdiServiceHost - ok
18:11:03.0140 0x0a28  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:11:03.0143 0x0a28  WdiSystemHost - ok
18:11:03.0188 0x0a28  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:11:03.0194 0x0a28  WebClient - ok
18:11:03.0226 0x0a28  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:11:03.0232 0x0a28  Wecsvc - ok
18:11:03.0250 0x0a28  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:11:03.0255 0x0a28  wercplsupport - ok
18:11:03.0277 0x0a28  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:11:03.0280 0x0a28  WerSvc - ok
18:11:03.0313 0x0a28  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:11:03.0316 0x0a28  WfpLwf - ok
18:11:03.0331 0x0a28  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:11:03.0333 0x0a28  WIMMount - ok
18:11:03.0394 0x0a28  [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf        C:\Windows\system32\DRIVERS\CAX_CNXT.sys
18:11:03.0430 0x0a28  winachsf - ok
18:11:03.0460 0x0a28  WinDefend - ok
18:11:03.0490 0x0a28  WinHttpAutoProxySvc - ok
18:11:03.0563 0x0a28  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:11:03.0568 0x0a28  Winmgmt - ok
18:11:03.0660 0x0a28  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:11:03.0738 0x0a28  WinRM - ok
18:11:03.0790 0x0a28  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:11:03.0793 0x0a28  WinUsb - ok
18:11:03.0834 0x0a28  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:11:03.0867 0x0a28  Wlansvc - ok
18:11:03.0953 0x0a28  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:11:03.0957 0x0a28  wlcrasvc - ok
18:11:04.0074 0x0a28  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:11:04.0140 0x0a28  wlidsvc - ok
18:11:04.0171 0x0a28  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:11:04.0173 0x0a28  WmiAcpi - ok
18:11:04.0209 0x0a28  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:11:04.0214 0x0a28  wmiApSrv - ok
18:11:04.0243 0x0a28  WMPNetworkSvc - ok
18:11:04.0273 0x0a28  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:11:04.0277 0x0a28  WPCSvc - ok
18:11:04.0302 0x0a28  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:11:04.0307 0x0a28  WPDBusEnum - ok
18:11:04.0340 0x0a28  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:11:04.0343 0x0a28  ws2ifsl - ok
18:11:04.0363 0x0a28  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:11:04.0367 0x0a28  wscsvc - ok
18:11:04.0374 0x0a28  WSearch - ok
18:11:04.0466 0x0a28  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:11:04.0526 0x0a28  wuauserv - ok
18:11:04.0555 0x0a28  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:11:04.0558 0x0a28  WudfPf - ok
18:11:04.0595 0x0a28  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:11:04.0599 0x0a28  WUDFRd - ok
18:11:04.0625 0x0a28  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:11:04.0629 0x0a28  wudfsvc - ok
18:11:04.0663 0x0a28  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:11:04.0669 0x0a28  WwanSvc - ok
18:11:04.0700 0x0a28  [ E8F3FA126A06F8E7088F63757112A186 ] XAudio          C:\Windows\system32\DRIVERS\XAudio64.sys
18:11:04.0703 0x0a28  XAudio - ok
18:11:04.0746 0x0a28  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
18:11:04.0753 0x0a28  yukonw7 - ok
18:11:04.0771 0x0a28  ================ Scan global ===============================
18:11:04.0799 0x0a28  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:11:04.0829 0x0a28  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:11:04.0841 0x0a28  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:11:04.0869 0x0a28  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:11:04.0908 0x0a28  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:11:04.0915 0x0a28  [Global] - ok
18:11:04.0916 0x0a28  ================ Scan MBR ==================================
18:11:04.0935 0x0a28  [ 26F09BB2D3C825F4E28A6915A269F46D ] \Device\Harddisk0\DR0
18:11:05.0583 0x0a28  \Device\Harddisk0\DR0 - ok
18:11:05.0584 0x0a28  ================ Scan VBR ==================================
18:11:05.0590 0x0a28  [ 5011BD359D7029E482C3D0878A5B65F5 ] \Device\Harddisk0\DR0\Partition1
18:11:05.0594 0x0a28  \Device\Harddisk0\DR0\Partition1 - ok
18:11:05.0620 0x0a28  [ DC4F07280D9CAF32BF8C530E60351F8B ] \Device\Harddisk0\DR0\Partition2
18:11:05.0622 0x0a28  \Device\Harddisk0\DR0\Partition2 - ok
18:11:05.0658 0x0a28  [ 7AABE5ED88EC85A84A04927308C7D804 ] \Device\Harddisk0\DR0\Partition3
18:11:05.0662 0x0a28  \Device\Harddisk0\DR0\Partition3 - ok
18:11:05.0663 0x0a28  ============================================================
18:11:05.0663 0x0a28  Scan finished
18:11:05.0663 0x0a28  ============================================================
18:11:05.0682 0x1944  Detected object count: 0
18:11:05.0682 0x1944  Actual detected object count: 0
18:13:50.0462 0x1bb0  Deinitialize success
 

 

AdwCleaner

 

# AdwCleaner v2.306 - Logfile created 08/19/2013 at 18:14:52
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Bruce - NOTEBOOK
# Boot Mode : Normal
# Running from : C:\Users\Bruce\Downloads\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
Stopped & Deleted : BrowserDefendert
 
***** [Files / Folders] *****
 
Deleted on reboot : C:\Program Files (x86)\comcasttb
Deleted on reboot : C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpoeajoaeloaobnkbmdebekcgjjoenem
File Deleted : C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\Tasks\LyricsContainer Update.job
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\LyricsContainer
Folder Deleted : C:\Program Files (x86)\ParetoLogic
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\Program Files (x86)\xfin_portal
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Bruce\AppData\Local\Conduit
Folder Deleted : C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpoeajoaeloaobnkbmdebekcgjjoenem
Folder Deleted : C:\Users\Bruce\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Bruce\AppData\LocalLow\comcasttb
Folder Deleted : C:\Users\Bruce\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Bruce\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Bruce\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Bruce\AppData\LocalLow\WhiteSmoke_New
Folder Deleted : C:\Users\Bruce\AppData\LocalLow\xfin_portal
Folder Deleted : C:\Users\Bruce\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Bruce\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Bruce\AppData\Roaming\SearchProtect
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\LyricsContainer
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_New
Key Deleted : HKCU\Software\AppDataLow\Software\xfin_portal
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\Google\Chrome\Extensions\dpoeajoaeloaobnkbmdebekcgjjoenem
Key Deleted : HKCU\Software\Inbox Toolbar
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\90d6dbb33eea40
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0026278.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0026278.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.AppServer
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.IBX404
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A11A6BD-7880-49BD-92D4-6F09D0BD3250}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Inbox Toolbar
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\Software\WhiteSmoke_New
Key Deleted : HKLM\SOFTWARE\Wow6432Node\90d6dbb33eea40
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{08635077-8829-49E2-B338-C968817EB460}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20A3F109-F7C1-47B4-8098-8E654B264B1D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8C7478AB-3155-463E-936F-55F91F0F10D0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9E1B65EE-A131-42B4-94CA-847505E2F611}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dpoeajoaeloaobnkbmdebekcgjjoenem
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9C64243-E1A8-4D9D-8658-12EFBBCFC28B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7CDD00B-4225-4CBE-ACC0-E3F886736987}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\xfin_portal
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
[OK] Registry is clean.
 
-\\ Google Chrome v28.0.1500.95
 
File : C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [11738 octets] - [19/08/2013 18:14:52]
 
########## EOF - C:\AdwCleaner[S1].txt - [11799 octets] ##########
 

ESET - I found this log file in the working directory of the program.  As mentioned, it is for the 2nd time I ran this program, I do believe the first time it did find some files that were then deleted in the process.

 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7d2047749335bd4180927777ef954df8
# engine=14833
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-08-20 05:46:30
# local_time=2013-08-20 12:46:30 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3592 16777213 83 91 981017 127553686 0 0
# compatibility_mode=5893 16776574 100 94 2409886 128521040 0 0
# scanned=209201
# found=6
# cleaned=5
# scan_time=12822
sh=655C9978683BA9B96D3A8B199563B222817D6351 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.L application" ac=I fn="C:\Windows\SysWOW64\Extensions\125\chrome\content\main.js"
sh=929B58DECF63A3A472FD963D62AF63F3CF349A74 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen virus (deleted - quarantined)" ac=C fn="C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W871DSI4\popupdater[1].htm"
sh=F6013827243D8FB2A2A4509CC72C91564F4E602B ft=1 fh=3512880a3530d12a vn="a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Bruce\Downloads\disk-defrag-setup.exe"
sh=A6DDEA3368E8FB571F454D657A73DAFB07C85E15 ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Zortob.B trojan (deleted - quarantined)" ac=C fn="C:\Users\Bruce\Downloads\Shipment_Info (1).zip"
sh=A6DDEA3368E8FB571F454D657A73DAFB07C85E15 ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Zortob.B trojan (deleted - quarantined)" ac=C fn="C:\Users\Bruce\Downloads\Shipment_Info.zip"
sh=655C9978683BA9B96D3A8B199563B222817D6351 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.L application (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\System32\Extensions\125\chrome\content\main.js"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7d2047749335bd4180927777ef954df8
# engine=14842
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-08-20 07:47:11
# local_time=2013-08-20 02:47:11 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3592 16777213 83 91 1031458 127604127 0 0
# compatibility_mode=5893 16776574 100 94 2460327 128571481 0 0
# scanned=209558
# found=0
# cleaned=0
# scan_time=13024


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:54 PM

Posted 21 August 2013 - 08:33 PM

Ok, that looks good. We got it and several other bad ones.

Please go onto Control Panel and uninstall these. Old versions are exploitable.
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 16 (Version: 6.0.160)

Finally run these and tell me how it is.

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
Now install the latest Java Version 7 Update 25


EDIT: ESET,,,#
found=6

# cleaned=5.. Don't know what they are, but they are gone.

Edited by boopme, 21 August 2013 - 08:36 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 macman104

macman104
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:54 PM

Posted 22 August 2013 - 11:51 AM

Glad it found some extra things!  It's the precise reason I wanted your expertise in helping to make sure his computer was all cleaned.  I'm still not getting email notifications for this topic, which I don't understand (as it seems all my settings are correct, maybe an admin can look into this for me?).

 

Also, just to make sure, it does seem like the Java 7 Update 25 is already installed, per this line in the MiniToolbox output, correct?

Java 7 Update 25 (Version: 7.0.250)

 

Junkware Removal Tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.3 (08.21.2013:1)
OS: Windows 7 Home Premium x64
Ran by Bruce on Thu 08/22/2013 at 10:52:56.75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\solid savings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220222622278}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660266626678}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220222622278}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660266626678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660266626678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660266626678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A766BBBB-A301-4DF4-9A7D-053EE30BF0F2}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E519AA1F-E8A8-47ED-92E3-BCFB65055819}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FFD497F7-4B7A-4DA6-BB15-BF6BF55A54B4}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\pchealthboost"
Successfully deleted: [Folder] "C:\ProgramData\speedypc software"
Successfully deleted: [Folder] "C:\Users\Bruce\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Folder] "C:\Users\Bruce\AppData\Roaming\speedypc software"
Successfully deleted: [Folder] "C:\Users\Bruce\appdata\local\cre"
Failed to delete: [Folder] "C:\Program Files (x86)\comcasttb"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\speedypc software"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\speedypc software"
Successfully deleted: [Folder] "C:\Users\Bruce\AppData\Roaming\microsoft\windows\start menu\programs\speedypc software"
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{010DA23A-9B49-40E0-837F-46EF7DA7B750}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{039CC6AE-A6EA-4271-999C-DCEA3B3677F8}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{03E5A170-C5A3-47A7-86AE-1B866F20E4F1}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{054F64E2-9194-4355-8E4D-CB7586BD4E90}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0574B126-67F0-47AA-8842-142A592277CD}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{05AAC5CF-A52B-4169-A708-0E3CC8112F2C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{05C16E1B-9CE0-483F-828D-E57B47EE9754}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{05C7D9F0-23A6-4FA9-8350-F6B0167A87FB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{061E2AF2-6034-47D7-A3F3-866173E980CF}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{06CDCF7B-9E11-4826-87DB-AAED4A48AAE2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{06DCFA4F-6094-4317-8029-18AE7A476DE8}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{07A87032-3366-4ADF-AAF8-DD23E0ACE732}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0879AD4A-F22D-4453-A027-85BAC3397B6D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0A7F5E0E-DE9F-46E4-953F-F20946704740}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0AD3A7CE-82EE-4662-BAD6-DB7EE9C716A2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0AF9EB8A-1E86-4499-821F-CBA9CA719AAB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0B154E04-E409-412F-B77F-FE77EFCDB25F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0BEFFADD-C0BC-4ACE-B2EC-F069EC1DCA5C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0CAF22B8-6A4D-4BB0-B856-6B6E6B32F268}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0CBBCD4E-9977-453E-B65E-9B65B38FFD35}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0D358B34-F065-4B6B-B641-0E4CDC6172FA}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{0E3E33C9-0F4F-485F-A301-DFCDCF916B71}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{111D941F-4F5E-40F3-8F41-FF08490F38D2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{119B4F24-473A-4802-8204-6D2C70198CAF}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{123B2663-D25E-40BF-8894-52ACB2DC7868}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{12685EE4-6BA3-4161-9256-165D61089BB3}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{12A6AF61-8AE9-46C6-83CE-82EA8C4F0A5B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{16332DF4-7FF7-4568-844E-654F82702687}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{16341F9C-E465-43FF-AD2A-6BFDED6FBA16}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{17166E0A-1A26-42D9-AF5D-F7F2D0C93353}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{17C75F85-B9D4-421F-A2E9-E0DF49EDCFC5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{17F6633E-FB07-4D0B-A634-13A6A54645A9}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{192CEE37-F2C8-4D02-8260-5E7CA5E7386A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{19A647FE-B924-4CD9-89AF-B8523D00AE57}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{1A1A01E8-232D-44BD-9562-CBACF914C0D8}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{1A879ED8-87A4-488C-8C5C-EE59D6439081}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{1AC31B16-AB58-48C0-A232-A8347B38E0A6}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{1AFBFD67-C42E-4B1E-BBF2-2A51117949CB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{1BA46BB1-4492-4BC3-B5CE-8216E63CB25B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{1BABF968-626E-42C3-859D-608E74DB8E38}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{1D0219A6-6EFD-41A4-8A8D-FCAC8393079E}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{1FD0CDAD-2B6D-4ABE-AFE0-736995EC8E48}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{1FD2A9A4-8C38-470A-999B-16837D0969B4}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{21411A94-2253-4B51-A8F0-9FD5F391B617}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{21BC083C-E6C0-4A3E-B4D5-99F93196E47B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2258A17D-359E-4CD8-A51D-F0A1B7922E1C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{24DC534A-84CD-4E08-B87C-6A6DB8EA6666}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{260EC0DE-8C6B-4FC8-B4CB-972EA677736F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{27FE9F9C-4AD8-4EBC-BF3E-CC3ECBC05E7D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{28758EC5-0CA9-4424-92E8-CEC041A3BE88}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{28B4BA6E-9CD2-4802-A5BE-B96A9E15D547}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2A334D3E-947F-4A09-8EC1-44EC654B48C2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2B61CD17-CAC6-4404-8A33-5A102D9EA273}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2BCB1669-852B-45EA-A2B3-3E5FACFA1524}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2BE6FB0A-9EE5-4D85-9862-6559B298806C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2C7431FC-B4A4-4E57-BEB8-26C1CA7880B1}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2C822FD3-14B4-4C0B-9A75-3A51A493246E}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2E0335D0-D82E-45FC-A0D9-9356277D1802}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2EE2B48E-60A8-4DA4-AD84-6ED10922A1BC}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2FB64AEE-D87D-416F-ABC9-243DEF3D5B9D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{2FEFA3BA-3F72-40AB-87C9-F9438945B71F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{30113AD8-F10C-4910-A825-EAB8121D6679}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{30735C64-B58E-4A7E-90E9-F2F87AC665B2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{31354341-2B66-4303-8AF4-558BC0778B51}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{320E9DBE-F25B-4808-B5BD-122D0B92598C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{337FD150-3162-47E9-8177-7544E549EB23}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{33E123F9-D647-493F-8D00-17E0F386BDA4}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{344B2910-FA60-4AD3-A473-63AC3BA63635}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{350D908A-B6B8-40B6-9B34-97E31B50FD8B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{35E3F8C3-1243-4E46-AA57-5B5B8B3E856D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{36857ED8-2E4B-4CA9-B031-C751F1B61FD5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3753A0FC-866A-410F-83F5-1762180BD2CA}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{396EBB14-A020-4117-8055-25E22138D00B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{39F4622D-44B9-4104-815D-A71CD01AC615}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3A1373C0-A363-4E9C-8A65-DF4A9BCA1397}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3A15FF25-281A-4CEF-8073-0C41D01F0FB1}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3B31CED4-7546-422B-92B1-C88D1729BEA3}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3B96BAAB-2C3B-4E4E-AE93-070B8C69CD3C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3BA109BD-C7D0-438F-8651-A243E492EE63}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3E7D460C-087A-4B13-95EC-51397764FEA8}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3E7F6938-B687-4ED0-9D22-E85D96C1FC94}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3E8B24D6-33CF-4BDD-9FE7-A3F27607F02E}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3EBB7973-F76D-4267-A199-D7569EAF16A4}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3F3B1FC6-989C-4A82-9A0D-55EE5CF7AFEA}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3FE38DBF-7C50-4E4A-90F6-50049F6DA165}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{3FE58133-1C83-4B20-81F6-302087892CA2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4055ED85-910B-45EE-9A29-6800488EB55B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{40E3876F-8950-4B2E-A3B2-5F971AEC500A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4159B14F-2B13-4CF8-80E3-E2BDE4481420}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{42432B8D-77F6-472E-B328-4AA7269D2488}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{42EEA25B-6E7F-4E0B-97F1-F09492811024}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{43ED6405-FE47-430A-A97C-F4FF08D918F0}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{440FE16D-B1CB-4533-B8C3-816D03C11596}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4428D974-FCFA-4C6A-92B7-6333B48DB62A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{44A17664-4A1C-4F65-A491-3C2923CD88CC}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4506DBF5-3BC5-417F-9C8D-EE7D8CCDF832}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4652C639-A0AD-4666-B795-3D7063F41A0B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{49CBF86A-BE7C-4F07-8B89-9845A8B3491A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4B49E9F2-7280-44E9-8F0B-8189CBE1C294}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4B6BA21C-ACA5-40C1-B241-0E9BB057137D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4C534763-3006-40E4-A856-1D1550A8279D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4C98E236-869B-4412-9D47-D7C7A470B8B2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4CB84BDE-316B-4C0D-8AD7-49099D04EBBC}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{4FBD2223-2C28-48E6-BF95-E0016C27BA14}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{5059EAD6-880D-4915-8F4E-17E92209849C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{50D73D5D-4D1A-477B-853B-5368818C0DC0}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{51F95824-F682-460F-8511-8D4D9DFD5AF1}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{526D97E6-2CFB-4141-857B-19F839808665}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{52B63953-60E3-4048-A317-59A5F24BDC13}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{52D4AF31-DAC3-43AF-804F-05AE96E22B35}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{52F01DE0-4789-4C37-BDBB-A273302950DA}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{535D1D45-81F0-4ADB-B1A1-5C1F1CCBF7B5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{5383AE8B-31C5-4C4E-8E41-D164CF03CA14}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{53C14C51-BA04-4F90-A6D2-A6B0EB0BCC3F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{555A1C56-9BBD-44BA-9751-3BE7310ACB2A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{560802D7-14CA-4AEC-833B-4CDC65AF6BA4}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{58648126-E014-4F0A-8307-18E2D3882FB9}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{5892F687-9F7C-4ED3-A377-F2AC826E2AE1}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{59791F2D-3FBC-4EE6-8DBA-DB960CCC43F1}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{5A747793-9568-4B4A-9B35-6EE6E11ED45D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{5C0E6814-5356-4566-9341-CF2C4FBC2AB4}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{5EEAFC8B-799E-426E-B42F-314DAE610E5D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{60BBDE74-BF3A-418D-9EC9-530FC988B74A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{6144A902-99F2-46F6-8F6C-90DA06127FDB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{61995C1A-033D-4840-B63D-C2314E828A27}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{619D0F6A-8FA3-4EA4-9EF3-3DBCDF5D839C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{6215BF4D-31E1-4B20-8783-682AA761A1EB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{632A5D1C-BF76-43A4-863A-0CFCD87C1953}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{642F4459-40CE-4A56-A6CA-E0786F532F86}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{6438B5C9-AF70-4526-B606-AD6C22057F86}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{64F48FD0-E52C-4E79-A992-9B400F3B4BC3}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{652054EE-5705-4AB2-BF0B-BF2F4533D742}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{653F0DEF-73B1-4D78-AFFD-BC094F981A04}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{657A0B0A-FB31-47CD-B5C8-DA7A7B1C6B06}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{65B863C8-2CF4-4598-9760-4DB4DE99F4B3}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{66B6176A-6998-4A2E-8E23-4024915DBF9F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{6773E9B5-04E7-4FF5-8A11-71E16AFD3E22}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{68ABE717-1187-4B59-BFF2-B8CC2AED1C26}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{68F15900-B455-4188-8280-323EB6722D5F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{694D00C3-82E1-4AE7-9DDE-3677BE7A8865}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{6F40B8AF-F28D-42F5-A197-B02725D9B90A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{6FD47839-B0CB-4E4B-9A10-161165921575}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{700D1A6F-1A30-418C-9E53-598FC3D26A6B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{7032D5BD-3724-4C24-A99A-2BC3805014B5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{713EFF36-215F-449C-AC94-6DEC87B6573F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{71AF1DCD-70E9-4661-B4F7-7DF152D0BEBC}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{71C9E43F-D687-4C92-B0AC-7EB83FF71437}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{726526A3-B16C-45B2-99CD-F522CB1833B9}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{739FBB47-39F6-4754-A2AF-D3D1FCD0B190}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{73C0F1B4-EE9B-46E8-8838-F5767DF1CF66}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{7459EFFD-7F05-4AFC-A22C-1DCCDBD04167}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{758797DE-7CE7-4B14-A74B-881142115159}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{75E04F55-9119-4A48-AAC3-E490C89CE5B0}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{768764F3-85BA-43C0-AD08-B00151792EA4}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{78F6686B-9BD7-412A-9799-E9018E0BE56C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{794E41FB-88E6-4CDC-8DED-28FDEC158CA3}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{7A92C751-EBE9-4E22-A649-9A051E2BC382}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{7C2B86A7-3EFB-4BA2-9289-D8B0F300CB7C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{7D1ED61E-C453-44CB-B7BD-46B2040C65CD}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{7D8F5340-23B6-4EEE-9111-2500DCFE5E6C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{7DA0C0D6-3466-45B0-BA1B-A29CC50D176A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{7F137F19-876F-428C-B15D-DB9C7E00D23D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{7F5B8157-9128-46A1-A1F3-F25CD444E4D5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{80F89FDF-6DD4-443A-9EC3-144D30D1ACDB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{81AD2CD0-048B-4DD0-87F0-21A4052672F2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{825A927C-9A28-4D94-BB86-6EF52408BDBF}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{827BF84A-BA19-4A93-9EBA-8372D453F9CB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{83FC8D0C-69B9-4E79-B6DB-F2DC54A8B768}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{845B2BBA-9454-4EBA-A9FB-8BA4BEF7AD63}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{848BC879-2B18-4FCB-AD4C-ED46BF2F2BF6}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8523D13C-418C-4F56-BBD8-A2099E516A1F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8547517E-5AD3-4B16-90C5-16BD965F437B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{85876C4D-269E-4BAB-84DA-3EDD1F95B9F2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8592268F-3FD7-4519-A497-56217E3CBA89}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{862E438F-04A3-45A9-970B-7D65238F0F22}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{88F99929-C814-412C-A172-A33975A6EAF3}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{89D1E71C-E6CA-4218-B3BD-850AC49B9DAC}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8AE948AC-E6B3-4B4E-A903-24B2741DE71D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8C2B90C8-B046-4816-AB8D-7A4236672C07}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8C56D3EA-FEAA-4FFF-B825-CAA5D2600224}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8C8E5A44-8A3F-4B5C-BBCB-E5D25A5EC67C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8CCF4CF1-D02E-4BAF-B9DE-91BD3897FCD6}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8EDCAD8F-2763-4134-BB2C-252E6C0287E5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8EF65BB0-2370-407E-A069-6E4C4FD466E8}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8FAC2895-E45E-40BA-9FAD-212F9AA32856}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{8FEC77C6-0726-4A09-ABC7-ED4B76D5582C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{91A6477D-55C5-4569-90E9-824A587DC460}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{927B9F6B-E689-481A-9812-685730BF0FC0}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{92A7EB91-7D8A-4E75-9281-3772DA639E51}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{9369D8CA-73CA-4D8E-B05E-DE15B50B31D8}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{93F246AC-8F48-46AC-8D48-9C2E5C21FF48}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{955C80C8-C735-4007-8D88-64D927343161}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{95E9C0B6-970F-472A-9CFE-FDE973DFA1CB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{9636E461-3855-439B-B73F-59F6E6E3D061}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{9679E199-6CE8-46F3-854F-4BEB0F7EBF6F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{96883775-BCDF-45DD-BBBA-0EE4661F72FA}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{98726BA0-DB2F-469B-9D6C-B314A6D8B2F7}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{99F9FCBC-02F4-4AE4-A5A4-B6B0C7123D8C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{9C30B24C-5AAF-44C7-AE96-58C812BDB1A5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{9C4CDB27-5659-4DED-B1EF-3216F729529F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{9C8370FB-024D-46F0-8FF3-CE46C6487DC7}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{9E871C7C-BE01-45CC-892E-F4999D33728B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{9EB8F487-C485-43B4-85C1-7F77177B33FD}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{9ED58D9B-55FC-4103-B82E-07E1C95424B5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A0C11249-2532-474B-8DB2-B56FDCBCAE81}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A0F07448-6904-4787-B716-F5906FF87CCC}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A1AF5BC3-2E09-4246-9DEF-EA782A2E33F9}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A1C64105-2D56-4CA8-8656-1D788C7741D7}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A2B38F8B-CBE4-4CB6-8BB1-2CA92CCED566}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A3083307-9D24-4087-B166-6A4C567E41EE}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A3C7584A-C9C9-482D-838A-49B760F5AD06}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A451EF55-A1B8-4AAF-8132-700CB4D8CCF4}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A4ACAF21-16EE-4E06-B7F6-F4D8C46ED31D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A590F769-EAFB-4F80-AEFE-C78465CA28EC}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A6381785-DE18-4C17-B104-5D08B3E773FE}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A6729007-9059-4F6E-9740-E23505B396BF}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{A6D7CFF8-A0C4-48A4-A347-188552599547}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{AAEAB688-FE4B-4153-AA29-F5109A2FBE19}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{AAF54245-BA8B-40C1-82FE-F7BB00424A3E}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{AB40A93E-F508-4D83-B2BB-43B0CC40773E}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{ABFE4AA2-61B3-4B84-A780-38C5358B0BA9}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{ACA6E9E2-838A-4E4F-8746-75593E029379}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B0E2A4B8-3CDF-4DAD-AA25-14A86D0FD88D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B2583EC0-860C-4B18-AA66-EB9C1F2D91C9}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B2FE4DDA-76BC-4AFF-9FD4-6DAB769E160A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B41E8CDF-42C5-4E75-81D2-E8E705B86ACC}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B4261FD4-DB47-41B6-92A5-F53FAC4267CC}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B6254F4F-BC90-4EDF-BBC2-599C45C530A7}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B7A52712-6FDF-4225-B24C-C59430A7167C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B82FAA04-740E-4DDA-8337-42710E5B9CAA}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B87F095F-5DEB-44BB-BD9F-16F8E81BB992}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B8FF66CF-BB4E-4243-98D1-1C4BE28B9C72}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B91AA962-F2C9-4987-B8FC-14AADA21BC3C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{B9F50446-A922-4FF9-B592-A08C2636CE21}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{BA0D2EF1-3257-4D64-A88F-391B364EC01F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{BABD4B49-25DE-4381-9852-BF15943D1478}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{BABEAC52-C4EF-490B-9446-0E8643BA62A2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{BAC5597D-0616-4556-88BC-CACC043FF610}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{BCA6AC66-69E1-4D41-90B9-E9345C0DF8CF}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{BD854809-C81A-4493-ACC0-5D59E0EB3C6B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{BE04E743-5FB6-4DAD-86E1-44BFB0A69C2B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{BE1F9948-F61B-435B-A76F-BD52DE331F29}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{BF6D8060-B179-43AF-A40A-1DECA61ABF86}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{BFE2E6F0-224A-4211-B93E-3C3A890C2E2D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C0A6E578-6009-4373-B56A-BFC4E0341CB3}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C145D3A2-40CB-4D10-B726-726A17166BBB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C27281C4-EA35-4CF5-8FF9-CF30F6C94E97}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C3070CB5-9700-4567-AB6E-1CE3A5CB7A19}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C39C9CE6-BCFF-4DCC-B745-9BE372810604}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C401FF30-34E4-4092-A66E-643862CE28CF}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C40B8833-555E-4770-A91D-DCCEFC720905}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C4B12C75-93C5-4044-BC0F-DF843394EEFB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C4D8F23D-6E76-4133-B002-E64547026FE5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C6F4A7CC-BA61-40CF-8995-B79C7C7430EE}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C6FF1A13-E516-449B-8E8A-9B1B6DA03325}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C7830912-E368-4655-9F1C-57AD64A95786}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C78C949F-9880-40BC-AA4D-45AF33361D7D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C8F8A941-DA75-4ED9-8984-8BAB7B76EB90}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C9269C70-5D8F-4738-B351-A7DE4CFAA11D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{C9C7B419-C6C1-434F-BBB5-425E5D6A120C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{CA2BFFAB-DC71-4E4D-95EC-38E87DA459CB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{CBE890F0-EF35-4C2B-B5ED-0CBAF163B5D9}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{CC5065DC-C211-48FE-9C3B-4E45F2BBE28D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{CC7D2790-114E-4778-8492-B8913CDAD287}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{CC9D39D8-116C-443B-862E-454F89A51AB1}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{CCC84CBD-1FBF-4431-AB7E-371D97A631CA}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{CD499B47-4E43-4578-AFCB-FC8C874EDED4}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{CD8B4F2C-DE90-4FCB-8988-DE660023D62E}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{CED98527-FC68-4F35-BBB4-35255E487287}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{CFCEFC5C-9529-4876-9AE6-D811FE96CDC6}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D0327960-DD49-4A49-A9CE-04C3D036514D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D0988476-3323-494A-AF2E-FBDDBDB0DD35}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D1A8173A-408E-4361-B243-8C74087E0386}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D1E4BD5B-BAFA-42C6-8682-35F1A199C916}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D20A5624-50A1-4888-ADBD-440F97BD6E87}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D2970A9D-989E-445D-9BFB-7EAD4AA1CC70}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D2A8A10C-6FAC-43C4-9DCF-BC74A966872E}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D42B5CFD-27F9-4971-B504-590D25BAD3F5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D5663750-3964-4BB6-A96A-1293D1318C89}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D614F1FE-D4E8-4721-AB69-8C3EC97DB703}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D6F5C36A-FE8A-4236-A8BB-A53745E64D77}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D80B954E-E033-4F0F-8B3B-8293429C5BA2}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D8527D7F-B83B-4181-829D-F87A0C732422}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{D9CE0604-AF78-4118-A6B4-E23B2B8D43FA}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{DAF7ED34-0592-471B-952F-822BB80D6D2C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{DBD03E5C-1EB3-4A1A-AB57-1BA1C60A7CB7}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{DE2C063A-F024-4520-AE48-8826475E22C4}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E0D11743-FFE4-4C28-842E-DBD723470EC5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E16DCE62-606C-4387-8B6B-CE0FACEB9ED3}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E1ABB799-1666-468C-BD77-51106A60B2D5}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E203F5C8-1C1E-4888-A631-7AAFF7DCC86D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E335A6DC-F9E0-4F94-9898-AF2C8C48FF01}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E3CB4B8F-910C-46C6-88CC-430C62183B0E}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E6A50BE7-F984-45C0-9F18-B6215F99409D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E6A9818A-25C3-453E-A50C-14DDC45AC157}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E6F97C36-2F2F-42E6-9238-0954B9104D95}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E6FAEADF-888A-44E4-9032-115E7CD7FCA3}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E7DA7190-E879-48DA-89EC-FB69F9BC3A37}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E88FC1D8-FECB-4050-BF4A-850C390A3153}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E8C31757-18A5-4B52-95A7-9436541F3343}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{E9CCA0E8-39F6-4BC4-9477-1D52C9467A9A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{EAF7E308-A813-4DF1-A6DB-D8708C8CB17A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{EBCE59B2-3B36-4FED-A6D9-052D2A4809B1}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{ED21335A-F9EC-411D-A2BF-90E0F67FC9FC}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{ED52BF9C-422F-4104-B1C0-7EB08B3CAB70}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{EE3466A6-8A1D-4696-ABB5-A4C0D0903D74}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{EE842F46-1D56-490B-ABAE-66420FFFCCDE}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{EFE64896-2288-4F14-BCFF-C387D5F4849A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F0EE10D6-0422-4131-AED3-193BC221016D}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F0F31629-BE1C-48CA-A732-04816BCAEC8B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F14D6CC9-95E4-406A-89DC-6927B8E23455}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F15C02BB-9DAE-4DC3-B325-F3A5389B4F25}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F1E6A599-9501-490C-9960-D746CEAAFB08}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F57069CA-783E-4A71-9235-C4A366223F0F}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F579822C-40AA-47E2-A8C9-96800A9C5640}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F735A3C6-5089-4FDB-91F1-C114A3B2011C}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F746EE44-3DF4-4834-B149-E9EBC73B6F9B}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F7CC18CD-E7E4-4795-A154-3B32C1A3CD30}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F8DC9A57-A20F-43E7-B143-1703757A464A}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{F9344617-ED9A-4EFC-8D18-CC2CDD072338}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{FAF6340A-F168-4ED7-A942-0974B7FF4B91}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{FB1DDEC8-EF2A-4D2F-95DB-F26D69CA9749}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{FBABDC0A-BE48-40B1-9689-3763DC520DFF}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{FD83E990-354E-44DE-9FDD-4C340D30A8D3}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{FD9B87DD-66E9-411C-8AF2-783A23A89E57}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{FE567673-D460-46A0-A20C-777C96F93627}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{FF2AB7AA-930C-4CCD-A578-0B140FE46462}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{FF316BC7-5566-4250-91B0-4A896D0677FB}
Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{FF4191BC-A969-4E17-B165-7DE7785D80E9}
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\keaillmajpeodnbelalgeffidfcdgiem
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 08/22/2013 at 11:02:55.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

TFC

 

Getting user folders.

 
Stopping running processes.
 
Emptying Temp folders.
 
 
User: All Users
 
User: Bruce
->Temp folder emptied: 9470332 bytes
->Temporary Internet Files folder emptied: 113623426 bytes
->Java cache emptied: 27640367 bytes
->Google Chrome cache emptied: 169042305 bytes
->Flash cache emptied: 24979 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 58264 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 58264 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 47111831 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 115151 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 1020 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 122809 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 757 bytes
 
Emptying RecycleBin. Do not interrupt.
 
RecycleBin emptied: 2469 bytes
Process complete!
 
Total Files Cleaned = 350.00 mb


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:54 PM

Posted 22 August 2013 - 01:00 PM

Well I see at the Top, to the right of the Title you and I are Subscribed. Did you select instantly for notification?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 macman104

macman104
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:54 PM

Posted 23 August 2013 - 12:15 PM

Got it figured out.  I was following it, and had selected immediate notification, but hadn't actually selected the method to be notified by.  All fixed now!

 

How did those scans look?  Anything else to be done?



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:54 PM

Posted 23 August 2013 - 01:55 PM

All is looking good now. Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup
  • to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically. Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7
  • ◾Reboot and see how it is.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 macman104

macman104
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:54 PM

Posted 25 August 2013 - 11:23 AM

All done!  I'm not actually there to see how the boot-up goes, but he reported even after the initial cleaning that it was already responding and loading things considerably more quickly.

 

Is there anything else, or final scans to perform at this point to make sure everything is cleaned out?



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:54 PM

Posted 25 August 2013 - 10:24 PM

You can f you want to .. Run SAS//t will remove all cookies and perhaps something we'ved missed. Make sure you have your passwords for websites as you may need to resign in.

But I feel this is clean.

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.
)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 macman104

macman104
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:01:54 PM

Posted 26 August 2013 - 10:35 AM

Hi Boopme,

 

I think I'll probably pass on running those scans on his computer, not sure what trouble it would cause if he needed to re-enter all of his passwords.  Maybe in a years time or so, we'll do another round of scanning and checking of his computer.

 

Thanks for such great help!



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:54 PM

Posted 26 August 2013 - 03:44 PM

No problem, you're welcome and thanks for dropping by.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users