Delta Search Removal


18 replies to this topic

#1 esteban63


Posted 31 August 2013 - 04:59 PM

I inadvertently installed Delta Search and all the other unpleasant ilk that goes with it. Can someone please help me with making sure I download the right malware, etc to ensure it doesn't come back and haunt me anywhere?

 

I know just enough about computers to "think" I know what I'm doing, but in reality that causes me to be more dangerous than cautious at times if that makes sense. And, after reading a few of the posts and trying to navigate my way around this site I got intimidated by my obvious lack of knowledge and my inability to find answers in any efficient fashion.

 

So I finally realized that this is a volunteer forum and folks enjoy helping, so I'm hoping that will be the case with an obvious newb such as myself.

 

I have Windows 8. I think it's the Home Edition but don't know for sure. And I have wished I had the 7 OS that I had grown very accustomed to. I think I would know how to find that out if I still was using 7.

 

I typically have been solely a Chrome user as it integrates seamlessly as it should with my gmail, droid phone, etc. So my issues have been primarily happening with that.

 

In addition, though, I've been trying to get rid of the Ask.com search engine that is now the default for IE.  I have no clue whether this is related or not.

 

Many thanks in advance.

 

Esteban

 

Moderator Edit: Moved from the "Windows Startup Programs Database" forum to a More Appropriate forum

Roger


Edited by rotor123, 31 August 2013 - 06:09 PM.



 


#2 dev00790


Posted 01 September 2013 - 08:34 AM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you, to make things go easier and faster for both of us:

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT back up any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
  • Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, select Skip instead; do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

Step 3

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.

Step 4

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.
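An added example, not part of the original posts and not code from TDSSKiller: a Python triage script for the log requested in Step 1, assuming the line layout of TDSSKiller 2.9.2.0 output as seen in the log posted in the next reply. The sample log, its service names and its hashes are constructed, and `triage` and `summarize` are hypothetical helper names.

```python
import re

# Assumed layout (TDSSKiller 2.9.2.0): "HH:MM:SS.ffff 0xTID  message"
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} 0x[0-9a-fA-F]+\s+(.*)$")
# "[ MD5 ] Name   C:\path": the name may contain spaces, the path starts at a drive letter
OBJECT = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.*)$")
# "Name - ok" or "Name ( Verdict ) - warning"; any status other than "ok" is reported
RESULT = re.compile(r"^(.+?)(?: \( (.+?) \))? - (\w+)$")

# Constructed sample: an interrupted run followed by a complete run with one warning.
SAMPLE_LOG = r"""
11:25:14.0065 0x1178  Scan started
11:25:14.0065 0x1178  Mode: Manual; 
11:25:14.0666 0x1178  ================ Scan services =============================
11:25:14.0722 0x1178  Scan interrupted by user!
11:25:14.0723 0x1178  Scan finished
11:25:14.0741 0x03c4  Detected object count: 0
11:25:38.0270 0x0acc  Scan started
11:25:38.0270 0x0acc  Mode: Manual; SigCheck; TDLFS; 
11:25:38.0586 0x0acc  System memory - ok
11:25:38.0787 0x0acc  [ 00000000000000000000000000000001 ] ExampleDrv      C:\Windows\System32\drivers\exampledrv.sys
11:25:38.0857 0x0acc  ExampleDrv - ok
11:25:45.0632 0x0acc  [ 00000000000000000000000000000002 ] Example Vendor Service C:\Program Files (x86)\Example Vendor\svc.exe
11:25:45.0640 0x0acc  Example Vendor Service ( UnsignedFile.Multi.Generic ) - warning
11:25:45.0640 0x0acc  Example Vendor Service - detected UnsignedFile.Multi.Generic (1)
11:25:46.0000 0x0acc  Scan finished
"""


def triage(log_text):
    """Split a log into scan runs; keep each run's modes and its non-ok results."""
    runs, current, objects = [], None, {}
    for raw in log_text.splitlines():
        line = LINE.match(raw.rstrip())
        if not line:
            continue
        msg = line.group(1)
        if msg == "Scan started":
            current = {"modes": [], "interrupted": False, "results": 0, "findings": []}
            runs.append(current)
            objects = {}  # name -> (md5, path), reset for every run
            continue
        if current is None:
            continue  # system header lines and the trailing object counts
        if msg == "Scan finished":
            current = None
        elif msg.startswith("Mode:"):
            current["modes"] = [p.strip() for p in msg[5:].split(";") if p.strip()]
        elif msg.startswith("Scan interrupted"):
            current["interrupted"] = True
        else:
            obj = OBJECT.match(msg)
            res = RESULT.match(msg)
            if obj:
                md5, name, path = obj.groups()
                objects[name] = (md5.upper(), path)
            elif res:
                name, verdict, status = res.groups()
                current["results"] += 1
                if status != "ok":
                    md5, path = objects.get(name, (None, None))
                    current["findings"].append(
                        {"name": name, "status": status, "verdict": verdict,
                         "md5": md5, "path": path})
    return runs


def summarize(runs):
    """One line per run, plus one line per result that is not 'ok'."""
    out = []
    for i, run in enumerate(runs, 1):
        modes = ", ".join(run["modes"]) or "unknown"
        if run["interrupted"]:
            # An interrupted run reports zero detections without having scanned anything.
            out.append(f"run {i} [{modes}]: interrupted, its zero count proves nothing")
            continue
        out.append(f"run {i} [{modes}]: {run['results']} results, "
                   f"{len(run['findings'])} to review")
        for f in run["findings"]:
            out.append(f"  {f['status']}: {f['name']} ({f['verdict']}) "
                       f"md5={f['md5']} {f['path']}")
    return out


if __name__ == "__main__":
    print("\n".join(summarize(triage(SAMPLE_LOG))))
```

The helper reads the Mode line because it records which optional checks were selected for that run, so a reviewer can tell whether the signature check requested in Step 1 was actually part of the scan.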


#3 esteban63


Posted 04 September 2013 - 10:44 AM

11:25:09.0915 0x0b74  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
11:25:09.0915 0x0b74  UEFI system
11:25:10.0420 0x0b74  ============================================================
11:25:10.0420 0x0b74  Current date / time: 2013/09/04 11:25:10.0420
11:25:10.0420 0x0b74  SystemInfo:
11:25:10.0421 0x0b74  
11:25:10.0421 0x0b74  OS Version: 6.2.9200 ServicePack: 0.0
11:25:10.0421 0x0b74  Product type: Workstation
11:25:10.0421 0x0b74  ComputerName: STEVEPC
11:25:10.0421 0x0b74  UserName: Steve
11:25:10.0421 0x0b74  Windows directory: C:\Windows
11:25:10.0421 0x0b74  System windows directory: C:\Windows
11:25:10.0421 0x0b74  Running under WOW64
11:25:10.0421 0x0b74  Processor architecture: Intel x64
11:25:10.0421 0x0b74  Number of processors: 2
11:25:10.0421 0x0b74  Page size: 0x1000
11:25:10.0421 0x0b74  Boot type: Normal boot
11:25:10.0421 0x0b74  ============================================================
11:25:11.0076 0x0b74  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:25:11.0098 0x0b74  ============================================================
11:25:11.0098 0x0b74  \Device\Harddisk0\DR0:
11:25:11.0110 0x0b74  GPT partitions:
11:25:11.0110 0x0b74  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FEC3DF37-1ACF-43BF-A377-67CB9BE4F86B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
11:25:11.0111 0x0b74  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {71C2B4FD-5E82-4CE3-9B25-575578CBC14F}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
11:25:11.0111 0x0b74  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C7745ED3-ACB7-47E8-ADA9-A26D8FE60ECE}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
11:25:11.0111 0x0b74  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {00C72D63-CE17-4AE8-8BFB-804BE5965C67}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x47417000
11:25:11.0111 0x0b74  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D83449FC-2B2E-4D41-AE3F-198EBDA1110F}, Name: Basic data partition, StartLBA 0x475A1800, BlocksNum 0x32B6800
11:25:11.0111 0x0b74  MBR partitions:
11:25:11.0111 0x0b74  ============================================================
11:25:11.0127 0x0b74  C: <-> \Device\Harddisk0\DR0\Partition4
11:25:11.0231 0x0b74  D: <-> \Device\Harddisk0\DR0\Partition5
11:25:11.0231 0x0b74  ============================================================
11:25:11.0231 0x0b74  Initialize success
11:25:11.0231 0x0b74  ============================================================
11:25:14.0065 0x1178  ============================================================
11:25:14.0065 0x1178  Scan started
11:25:14.0065 0x1178  Mode: Manual; 
11:25:14.0065 0x1178  ============================================================
11:25:14.0666 0x1178  ================ Scan system memory ========================
11:25:14.0666 0x1178  Scan interrupted by user!
11:25:14.0666 0x1178  ================ Scan services =============================
11:25:14.0722 0x1178  Scan interrupted by user!
11:25:14.0722 0x1178  ================ Scan global ===============================
11:25:14.0722 0x1178  Scan interrupted by user!
11:25:14.0722 0x1178  ================ Scan MBR ==================================
11:25:14.0722 0x1178  Scan interrupted by user!
11:25:14.0722 0x1178  ================ Scan VBR ==================================
11:25:14.0723 0x1178  Scan interrupted by user!
11:25:14.0723 0x1178  ============================================================
11:25:14.0723 0x1178  Scan finished
11:25:14.0723 0x1178  ============================================================
11:25:14.0741 0x03c4  Detected object count: 0
11:25:14.0741 0x03c4  Actual detected object count: 0
11:25:38.0270 0x0acc  ============================================================
11:25:38.0270 0x0acc  Scan started
11:25:38.0270 0x0acc  Mode: Manual; SigCheck; TDLFS; 
11:25:38.0270 0x0acc  ============================================================
11:25:38.0586 0x0acc  ================ Scan system memory ========================
11:25:38.0586 0x0acc  System memory - ok
11:25:38.0591 0x0acc  ================ Scan services =============================
11:25:38.0787 0x0acc  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
11:25:38.0857 0x0acc  1394ohci - ok
11:25:38.0871 0x0acc  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\Windows\system32\drivers\3ware.sys
11:25:38.0883 0x0acc  3ware - ok
11:25:38.0908 0x0acc  [ 899B7E724BF19F17978B6A37B864A277 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
11:25:38.0927 0x0acc  Accelerometer - ok
11:25:38.0960 0x0acc  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:25:38.0976 0x0acc  ACPI - ok
11:25:39.0006 0x0acc  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
11:25:39.0017 0x0acc  acpiex - ok
11:25:39.0037 0x0acc  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
11:25:39.0048 0x0acc  acpipagr - ok
11:25:39.0056 0x0acc  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
11:25:39.0068 0x0acc  AcpiPmi - ok
11:25:39.0074 0x0acc  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
11:25:39.0087 0x0acc  acpitime - ok
11:25:39.0159 0x0acc  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:25:39.0168 0x0acc  AdobeARMservice - ok
11:25:39.0291 0x0acc  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:25:39.0302 0x0acc  AdobeFlashPlayerUpdateSvc - ok
11:25:39.0344 0x0acc  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:25:39.0364 0x0acc  adp94xx - ok
11:25:39.0385 0x0acc  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:25:39.0403 0x0acc  adpahci - ok
11:25:39.0425 0x0acc  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:25:39.0439 0x0acc  adpu320 - ok
11:25:39.0470 0x0acc  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:25:39.0485 0x0acc  AeLookupSvc - ok
11:25:39.0531 0x0acc  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\Windows\system32\drivers\afd.sys
11:25:39.0550 0x0acc  AFD - ok
11:25:39.0590 0x0acc  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:25:39.0602 0x0acc  agp440 - ok
11:25:39.0635 0x0acc  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\Windows\System32\alg.exe
11:25:39.0651 0x0acc  ALG - ok
11:25:39.0681 0x0acc  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
11:25:39.0694 0x0acc  AllUserInstallAgent - ok
11:25:39.0738 0x0acc  [ 15223ECAD7D688273DADA63ADA8B6BBA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:25:39.0766 0x0acc  AMD External Events Utility - ok
11:25:39.0792 0x0acc  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
11:25:39.0805 0x0acc  AmdK8 - ok
11:25:39.0992 0x0acc  [ 8EEBE772FA7D2A6436D6DBDE5EC7191B ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:25:40.0136 0x0acc  amdkmdag - ok
11:25:40.0163 0x0acc  [ 9B08F939F313CC8D57789C528F6B4C4B ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:25:40.0193 0x0acc  amdkmdap - ok
11:25:40.0223 0x0acc  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
11:25:40.0236 0x0acc  AmdPPM - ok
11:25:40.0276 0x0acc  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:25:40.0289 0x0acc  amdsata - ok
11:25:40.0307 0x0acc  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:25:40.0323 0x0acc  amdsbs - ok
11:25:40.0345 0x0acc  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:25:40.0357 0x0acc  amdxata - ok
11:25:40.0392 0x0acc  [ A2EFE3869B976296E097DEF368280F95 ] amd_sata        C:\Windows\system32\drivers\amd_sata.sys
11:25:40.0399 0x0acc  amd_sata - ok
11:25:40.0415 0x0acc  [ 625396421C29FB305C6C6235D01130B8 ] amd_xata        C:\Windows\system32\drivers\amd_xata.sys
11:25:40.0422 0x0acc  amd_xata - ok
11:25:40.0445 0x0acc  [ 8660C7BFE2CBA7E0B3F5D9ECD05D780E ] AndNetDiag      C:\Windows\system32\DRIVERS\lgandnetdiag64.sys
11:25:40.0457 0x0acc  AndNetDiag - ok
11:25:40.0478 0x0acc  [ 620F9CDFC8987FE26F6E0DC37D645B45 ] ANDNetModem     C:\Windows\system32\DRIVERS\lgandnetmodem64.sys
11:25:40.0488 0x0acc  ANDNetModem - ok
11:25:40.0541 0x0acc  [ 823F34D1DEF120A657BB7529ABF4461F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
11:25:40.0554 0x0acc  AppHostSvc - ok
11:25:40.0587 0x0acc  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\Windows\system32\drivers\appid.sys
11:25:40.0604 0x0acc  AppID - ok
11:25:40.0638 0x0acc  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:25:40.0654 0x0acc  AppIDSvc - ok
11:25:40.0672 0x0acc  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\Windows\System32\appinfo.dll
11:25:40.0686 0x0acc  Appinfo - ok
11:25:40.0794 0x0acc  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:25:40.0804 0x0acc  Apple Mobile Device - ok
11:25:40.0833 0x0acc  [ 44695679881DEB85CAD7C249B151066E ] APXACC          C:\Windows\system32\DRIVERS\appexDrv.sys
11:25:40.0843 0x0acc  APXACC - ok
11:25:40.0867 0x0acc  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\Windows\system32\drivers\arc.sys
11:25:40.0880 0x0acc  arc - ok
11:25:40.0909 0x0acc  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:25:40.0922 0x0acc  arcsas - ok
11:25:41.0035 0x0acc  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:25:41.0046 0x0acc  aspnet_state - ok
11:25:41.0067 0x0acc  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:25:41.0083 0x0acc  AsyncMac - ok
11:25:41.0114 0x0acc  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:25:41.0126 0x0acc  atapi - ok
11:25:41.0209 0x0acc  [ 62B78165A465844CC7552F5D2E051E71 ] athr            C:\Windows\system32\DRIVERS\athw8x.sys
11:25:41.0267 0x0acc  athr - ok
11:25:41.0301 0x0acc  [ 506907D2E7F3A5B67DBD39C00A788B7C ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW86.sys
11:25:41.0309 0x0acc  AtiHDAudioService - ok
11:25:41.0367 0x0acc  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
11:25:41.0382 0x0acc  AudioEndpointBuilder - ok
11:25:41.0418 0x0acc  [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:25:41.0441 0x0acc  Audiosrv - ok
11:25:41.0468 0x0acc  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:25:41.0481 0x0acc  AxInstSV - ok
11:25:41.0513 0x0acc  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:25:41.0535 0x0acc  b06bdrv - ok
11:25:41.0564 0x0acc  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
11:25:41.0577 0x0acc  BasicDisplay - ok
11:25:41.0588 0x0acc  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
11:25:41.0600 0x0acc  BasicRender - ok
11:25:41.0629 0x0acc  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:25:41.0644 0x0acc  BDESVC - ok
11:25:41.0660 0x0acc  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:25:41.0672 0x0acc  Beep - ok
11:25:41.0712 0x0acc  [ 9E6A544F465C582AB42444A217CF04DC ] BFE             C:\Windows\System32\bfe.dll
11:25:41.0735 0x0acc  BFE - ok
11:25:41.0782 0x0acc  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\Windows\System32\qmgr.dll
11:25:41.0811 0x0acc  BITS - ok
11:25:41.0874 0x0acc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:25:41.0886 0x0acc  Bonjour Service - ok
11:25:41.0899 0x0acc  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:25:41.0911 0x0acc  bowser - ok
11:25:41.0946 0x0acc  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
11:25:41.0960 0x0acc  BrokerInfrastructure - ok
11:25:41.0994 0x0acc  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\Windows\System32\browser.dll
11:25:42.0009 0x0acc  Browser - ok
11:25:42.0039 0x0acc  [ 6695200F455E251F0BCC9CE4D0978D59 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
11:25:42.0052 0x0acc  BthAvrcpTg - ok
11:25:42.0083 0x0acc  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
11:25:42.0108 0x0acc  BthHFEnum - ok
11:25:42.0128 0x0acc  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
11:25:42.0140 0x0acc  bthhfhid - ok
11:25:42.0157 0x0acc  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
11:25:42.0185 0x0acc  BTHMODEM - ok
11:25:42.0202 0x0acc  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\Windows\system32\bthserv.dll
11:25:42.0216 0x0acc  bthserv - ok
11:25:42.0228 0x0acc  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:25:42.0243 0x0acc  cdfs - ok
11:25:42.0256 0x0acc  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\Windows\System32\drivers\cdrom.sys
11:25:42.0271 0x0acc  cdrom - ok
11:25:42.0307 0x0acc  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:25:42.0325 0x0acc  CertPropSvc - ok
11:25:42.0356 0x0acc  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\Windows\System32\drivers\circlass.sys
11:25:42.0382 0x0acc  circlass - ok
11:25:42.0394 0x0acc  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
11:25:42.0413 0x0acc  CLFS - ok
11:25:42.0466 0x0acc  [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
11:25:42.0475 0x0acc  CLVirtualDrive - ok
11:25:42.0481 0x0acc  clwvd - ok
11:25:42.0493 0x0acc  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
11:25:42.0506 0x0acc  CmBatt - ok
11:25:42.0537 0x0acc  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:25:42.0560 0x0acc  CNG - ok
11:25:42.0593 0x0acc  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
11:25:42.0618 0x0acc  CompositeBus - ok
11:25:42.0624 0x0acc  COMSysApp - ok
11:25:42.0640 0x0acc  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\Windows\system32\drivers\condrv.sys
11:25:42.0654 0x0acc  condrv - ok
11:25:42.0694 0x0acc  [ 5CE2742F063731EC10C1B2EE386A2C08 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:25:42.0710 0x0acc  CryptSvc - ok
11:25:42.0729 0x0acc  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\Windows\system32\drivers\dam.sys
11:25:42.0741 0x0acc  dam - ok
11:25:42.0782 0x0acc  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:25:42.0806 0x0acc  DcomLaunch - ok
11:25:42.0845 0x0acc  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:25:42.0870 0x0acc  defragsvc - ok
11:25:42.0891 0x0acc  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
11:25:42.0916 0x0acc  DeviceAssociationService - ok
11:25:42.0958 0x0acc  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
11:25:42.0974 0x0acc  DeviceInstall - ok
11:25:43.0006 0x0acc  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
11:25:43.0020 0x0acc  Dfsc - ok
11:25:43.0053 0x0acc  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:25:43.0070 0x0acc  Dhcp - ok
11:25:43.0077 0x0acc  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\Windows\system32\drivers\discache.sys
11:25:43.0099 0x0acc  discache - ok
11:25:43.0106 0x0acc  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\Windows\system32\drivers\disk.sys
11:25:43.0119 0x0acc  disk - ok
11:25:43.0135 0x0acc  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
11:25:43.0147 0x0acc  dmvsc - ok
11:25:43.0164 0x0acc  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:25:43.0180 0x0acc  Dnscache - ok
11:25:43.0208 0x0acc  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\Windows\System32\dot3svc.dll
11:25:43.0228 0x0acc  dot3svc - ok
11:25:43.0242 0x0acc  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\Windows\system32\dps.dll
11:25:43.0265 0x0acc  DPS - ok
11:25:43.0292 0x0acc  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:25:43.0305 0x0acc  drmkaud - ok
11:25:43.0343 0x0acc  [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
11:25:43.0357 0x0acc  DsmSvc - ok
11:25:43.0411 0x0acc  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:25:43.0449 0x0acc  DXGKrnl - ok
11:25:43.0479 0x0acc  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\Windows\System32\eapsvc.dll
11:25:43.0497 0x0acc  Eaphost - ok
11:25:43.0579 0x0acc  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:25:43.0648 0x0acc  ebdrv - ok
11:25:43.0686 0x0acc  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\Windows\System32\lsass.exe
11:25:43.0700 0x0acc  EFS - ok
11:25:43.0730 0x0acc  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
11:25:43.0743 0x0acc  EhStorClass - ok
11:25:43.0763 0x0acc  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
11:25:43.0776 0x0acc  EhStorTcgDrv - ok
11:25:43.0798 0x0acc  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\Windows\System32\drivers\errdev.sys
11:25:43.0810 0x0acc  ErrDev - ok
11:25:43.0844 0x0acc  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\Windows\system32\es.dll
11:25:43.0864 0x0acc  EventSystem - ok
11:25:43.0888 0x0acc  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:25:43.0910 0x0acc  exfat - ok
11:25:43.0919 0x0acc  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:25:43.0934 0x0acc  fastfat - ok
11:25:43.0977 0x0acc  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\Windows\system32\fxssvc.exe
11:25:43.0998 0x0acc  Fax - ok
11:25:44.0031 0x0acc  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\Windows\System32\drivers\fdc.sys
11:25:44.0044 0x0acc  fdc - ok
11:25:44.0057 0x0acc  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\Windows\system32\fdPHost.dll
11:25:44.0080 0x0acc  fdPHost - ok
11:25:44.0096 0x0acc  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\Windows\system32\fdrespub.dll
11:25:44.0117 0x0acc  FDResPub - ok
11:25:44.0145 0x0acc  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\Windows\system32\fhsvc.dll
11:25:44.0159 0x0acc  fhsvc - ok
11:25:44.0179 0x0acc  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:25:44.0192 0x0acc  FileInfo - ok
11:25:44.0202 0x0acc  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:25:44.0222 0x0acc  Filetrace - ok
11:25:44.0235 0x0acc  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
11:25:44.0248 0x0acc  flpydisk - ok
11:25:44.0273 0x0acc  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:25:44.0291 0x0acc  FltMgr - ok
11:25:44.0332 0x0acc  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\Windows\system32\FntCache.dll
11:25:44.0361 0x0acc  FontCache - ok
11:25:44.0411 0x0acc  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:25:44.0434 0x0acc  FontCache3.0.0.0 - ok
11:25:44.0487 0x0acc  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:25:44.0499 0x0acc  FsDepends - ok
11:25:44.0532 0x0acc  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:25:57.0977 0x0acc  Themes - ok
11:25:58.0015 0x0acc  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\Windows\system32\mmcss.dll
11:25:58.0026 0x0acc  THREADORDER - ok
11:25:58.0081 0x0acc  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
11:25:58.0094 0x0acc  TimeBroker - ok
11:25:58.0201 0x0acc  [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM             C:\Windows\system32\drivers\tpm.sys
11:25:58.0221 0x0acc  TPM - ok
11:25:58.0262 0x0acc  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\Windows\System32\trkwks.dll
11:25:58.0275 0x0acc  TrkWks - ok
11:25:58.0463 0x0acc  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:25:58.0487 0x0acc  TrustedInstaller - ok
11:25:58.0529 0x0acc  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:25:58.0540 0x0acc  TsUsbFlt - ok
11:25:58.0633 0x0acc  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
11:25:58.0656 0x0acc  TsUsbGD - ok
11:25:58.0682 0x0acc  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:25:58.0697 0x0acc  tunnel - ok
11:25:58.0859 0x0acc  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:25:58.0882 0x0acc  uagp35 - ok
11:25:58.0903 0x0acc  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
11:25:58.0914 0x0acc  UASPStor - ok
11:25:58.0960 0x0acc  [ 4834158B8D06A153FADAB6B85320FBBE ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
11:25:58.0986 0x0acc  UCX01000 - ok
11:25:59.0055 0x0acc  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:25:59.0087 0x0acc  udfs - ok
11:25:59.0178 0x0acc  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:25:59.0206 0x0acc  UI0Detect - ok
11:25:59.0230 0x0acc  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:25:59.0240 0x0acc  uliagpkx - ok
11:25:59.0380 0x0acc  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\Windows\System32\drivers\umbus.sys
11:25:59.0405 0x0acc  umbus - ok
11:25:59.0433 0x0acc  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\Windows\System32\drivers\umpass.sys
11:25:59.0443 0x0acc  UmPass - ok
11:25:59.0549 0x0acc  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\Windows\System32\umrdp.dll
11:25:59.0569 0x0acc  UmRdpService - ok
11:25:59.0604 0x0acc  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\Windows\System32\upnphost.dll
11:25:59.0623 0x0acc  upnphost - ok
11:25:59.0773 0x0acc  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
11:25:59.0798 0x0acc  usbccgp - ok
11:25:59.0820 0x0acc  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
11:25:59.0841 0x0acc  usbcir - ok
11:25:59.0947 0x0acc  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
11:25:59.0961 0x0acc  usbehci - ok
11:26:00.0008 0x0acc  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\Windows\System32\drivers\usbhub.sys
11:26:00.0025 0x0acc  usbhub - ok
11:26:00.0189 0x0acc  [ EA040D4C6C94F315A85F3D0EAA884B37 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
11:26:00.0224 0x0acc  USBHUB3 - ok
11:26:00.0342 0x0acc  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\Windows\System32\drivers\usbohci.sys
11:26:00.0368 0x0acc  usbohci - ok
11:26:00.0398 0x0acc  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\Windows\System32\drivers\usbprint.sys
11:26:00.0409 0x0acc  usbprint - ok
11:26:00.0565 0x0acc  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
11:26:00.0585 0x0acc  USBSTOR - ok
11:26:00.0620 0x0acc  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
11:26:00.0630 0x0acc  usbuhci - ok
11:26:00.0651 0x0acc  [ 09799E701B4327097E9F63D3FE221083 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:26:00.0664 0x0acc  usbvideo - ok
11:26:00.0811 0x0acc  [ 1ADCF0A490C2845637B334626669CD6F ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
11:26:00.0831 0x0acc  USBXHCI - ok
11:26:00.0854 0x0acc  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\Windows\system32\lsass.exe
11:26:00.0865 0x0acc  VaultSvc - ok
11:26:01.0007 0x0acc  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:26:01.0029 0x0acc  vdrvroot - ok
11:26:01.0085 0x0acc  [ 1B4488988E5E7512E6C5CD1255E9E973 ] vds             C:\Windows\System32\vds.exe
11:26:01.0104 0x0acc  vds - ok
11:26:01.0236 0x0acc  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
11:26:01.0261 0x0acc  VerifierExt - ok
11:26:01.0286 0x0acc  [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
11:26:01.0303 0x0acc  vhdmp - ok
11:26:01.0323 0x0acc  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\Windows\system32\drivers\viaide.sys
11:26:01.0334 0x0acc  viaide - ok
11:26:01.0384 0x0acc  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:26:01.0395 0x0acc  vmbus - ok
11:26:01.0423 0x0acc  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
11:26:01.0435 0x0acc  VMBusHID - ok
11:26:01.0471 0x0acc  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
11:26:01.0487 0x0acc  vmicheartbeat - ok
11:26:01.0495 0x0acc  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
11:26:01.0512 0x0acc  vmickvpexchange - ok
11:26:01.0519 0x0acc  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\Windows\System32\ICSvc.dll
11:26:01.0536 0x0acc  vmicrdv - ok
11:26:01.0545 0x0acc  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
11:26:01.0561 0x0acc  vmicshutdown - ok
11:26:01.0570 0x0acc  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\Windows\System32\ICSvc.dll
11:26:01.0587 0x0acc  vmictimesync - ok
11:26:01.0597 0x0acc  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\Windows\System32\ICSvc.dll
11:26:01.0614 0x0acc  vmicvss - ok
11:26:01.0636 0x0acc  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:26:01.0649 0x0acc  volmgr - ok
11:26:01.0659 0x0acc  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:26:01.0678 0x0acc  volmgrx - ok
11:26:01.0691 0x0acc  [ 78A5BBA3819FFFC62FFEC3E2220D102D ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:26:01.0709 0x0acc  volsnap - ok
11:26:01.0739 0x0acc  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\Windows\System32\drivers\vpci.sys
11:26:01.0749 0x0acc  vpci - ok
11:26:01.0777 0x0acc  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:26:01.0791 0x0acc  vsmraid - ok
11:26:01.0842 0x0acc  [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS             C:\Windows\system32\vssvc.exe
11:26:01.0875 0x0acc  VSS - ok
11:26:01.0907 0x0acc  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
11:26:01.0925 0x0acc  VSTXRAID - ok
11:26:01.0937 0x0acc  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:26:01.0950 0x0acc  vwifibus - ok
11:26:01.0962 0x0acc  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:26:01.0976 0x0acc  vwififlt - ok
11:26:01.0984 0x0acc  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:26:01.0998 0x0acc  vwifimp - ok
11:26:02.0054 0x0acc  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\Windows\system32\w32time.dll
11:26:02.0087 0x0acc  W32Time - ok
11:26:02.0116 0x0acc  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
11:26:02.0129 0x0acc  WacomPen - ok
11:26:02.0154 0x0acc  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
11:26:02.0167 0x0acc  Wanarp - ok
11:26:02.0172 0x0acc  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:26:02.0186 0x0acc  Wanarpv6 - ok
11:26:02.0248 0x0acc  [ 901CC968412F8155B08D7ABE0171166A ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
11:26:02.0266 0x0acc  WAS - ok
11:26:02.0337 0x0acc  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\Windows\system32\wbengine.exe
11:26:02.0364 0x0acc  wbengine - ok
11:26:02.0380 0x0acc  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:26:02.0396 0x0acc  WbioSrvc - ok
11:26:02.0415 0x0acc  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
11:26:02.0433 0x0acc  Wcmsvc - ok
11:26:02.0466 0x0acc  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:26:02.0485 0x0acc  wcncsvc - ok
11:26:02.0523 0x0acc  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:26:02.0538 0x0acc  WcsPlugInService - ok
11:26:02.0566 0x0acc  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\Windows\system32\drivers\wd.sys
11:26:02.0578 0x0acc  Wd - ok
11:26:02.0613 0x0acc  [ FD47DF026B32969B8A68721A0243E8EE ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
11:26:02.0627 0x0acc  WdBoot - ok
11:26:02.0676 0x0acc  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:26:02.0694 0x0acc  Wdf01000 - ok
11:26:02.0717 0x0acc  [ 5F425D842DD6ADE9F95A51A0616AFAD7 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
11:26:02.0730 0x0acc  WdFilter - ok
11:26:02.0774 0x0acc  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:26:02.0792 0x0acc  WdiServiceHost - ok
11:26:02.0803 0x0acc  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:26:02.0825 0x0acc  WdiSystemHost - ok
11:26:02.0852 0x0acc  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\Windows\System32\webclnt.dll
11:26:02.0871 0x0acc  WebClient - ok
11:26:02.0891 0x0acc  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:26:02.0911 0x0acc  Wecsvc - ok
11:26:02.0926 0x0acc  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:26:02.0953 0x0acc  wercplsupport - ok
11:26:02.0988 0x0acc  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:26:03.0009 0x0acc  WerSvc - ok
11:26:03.0045 0x0acc  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
11:26:03.0057 0x0acc  WFPLWFS - ok
11:26:03.0087 0x0acc  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\Windows\System32\wiarpc.dll
11:26:03.0100 0x0acc  WiaRpc - ok
11:26:03.0122 0x0acc  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:26:03.0133 0x0acc  WIMMount - ok
11:26:03.0214 0x0acc  WinDefend - ok
11:26:03.0280 0x0acc  [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
11:26:03.0304 0x0acc  WinHttpAutoProxySvc - ok
11:26:03.0413 0x0acc  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:26:03.0430 0x0acc  Winmgmt - ok
11:26:03.0500 0x0acc  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:26:03.0549 0x0acc  WinRM - ok
11:26:03.0589 0x0acc  [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:26:03.0612 0x0acc  WinUsb - ok
11:26:03.0639 0x0acc  [ 4F2A80D65AE6F845776E2F06AE6782ED ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
11:26:03.0646 0x0acc  WirelessButtonDriver - ok
11:26:03.0702 0x0acc  [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc         C:\Windows\System32\wlansvc.dll
11:26:03.0727 0x0acc  WlanSvc - ok
11:26:03.0785 0x0acc  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\Windows\system32\wlidsvc.dll
11:26:03.0816 0x0acc  wlidsvc - ok
11:26:03.0846 0x0acc  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
11:26:03.0855 0x0acc  WmiAcpi - ok
11:26:03.0901 0x0acc  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:26:03.0916 0x0acc  wmiApSrv - ok
11:26:03.0947 0x0acc  WMPNetworkSvc - ok
11:26:03.0981 0x0acc  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
11:26:03.0991 0x0acc  wpcfltr - ok
11:26:04.0025 0x0acc  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:26:04.0036 0x0acc  WPCSvc - ok
11:26:04.0065 0x0acc  [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:26:04.0077 0x0acc  WPDBusEnum - ok
11:26:04.0090 0x0acc  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
11:26:04.0100 0x0acc  WpdUpFltr - ok
11:26:04.0129 0x0acc  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:26:04.0138 0x0acc  ws2ifsl - ok
11:26:04.0169 0x0acc  [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc          C:\Windows\System32\wscsvc.dll
11:26:04.0181 0x0acc  wscsvc - ok
11:26:04.0210 0x0acc  [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
11:26:04.0222 0x0acc  WSDPrintDevice - ok
11:26:04.0258 0x0acc  [ 6ED437C0BE2280AF78070B4BEDD0D221 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
11:26:04.0269 0x0acc  WSDScan - ok
11:26:04.0274 0x0acc  WSearch - ok
11:26:04.0369 0x0acc  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\Windows\System32\WSService.dll
11:26:04.0419 0x0acc  WSService - ok
11:26:04.0506 0x0acc  [ BE302BABE45EC05995F8DC66E37BBB3D ] wuauserv        C:\Windows\system32\wuaueng.dll
11:26:04.0561 0x0acc  wuauserv - ok
11:26:04.0607 0x0acc  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:26:04.0621 0x0acc  WudfPf - ok
11:26:04.0654 0x0acc  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
11:26:04.0677 0x0acc  WUDFRd - ok
11:26:04.0726 0x0acc  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:26:04.0738 0x0acc  wudfsvc - ok
11:26:04.0759 0x0acc  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
11:26:04.0773 0x0acc  WUDFWpdFs - ok
11:26:04.0779 0x0acc  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
11:26:04.0792 0x0acc  WUDFWpdMtp - ok
11:26:04.0833 0x0acc  [ FBB9B00D7A5756B0AA8E10BF7619E604 ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:26:04.0855 0x0acc  WwanSvc - ok
11:26:04.0877 0x0acc  ================ Scan global ===============================
11:26:04.0915 0x0acc  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
11:26:04.0955 0x0acc  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
11:26:04.0985 0x0acc  [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
11:26:05.0031 0x0acc  [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
11:26:05.0036 0x0acc  [Global] - ok
11:26:05.0036 0x0acc  ================ Scan MBR ==================================
11:26:05.0046 0x0acc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:26:05.0169 0x0acc  \Device\Harddisk0\DR0 - ok
11:26:05.0173 0x0acc  ================ Scan VBR ==================================
11:26:05.0211 0x0acc  [ 5C007B93B98EDBAECBB4834128AC7F8C ] \Device\Harddisk0\DR0\Partition1
11:26:05.0246 0x0acc  \Device\Harddisk0\DR0\Partition1 - ok
11:26:05.0291 0x0acc  [ 2EC1C3B44DE6C7EE631CCC77C3602F8B ] \Device\Harddisk0\DR0\Partition2
11:26:05.0309 0x0acc  \Device\Harddisk0\DR0\Partition2 - ok
11:26:05.0328 0x0acc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
11:26:05.0328 0x0acc  \Device\Harddisk0\DR0\Partition3 - ok
11:26:05.0364 0x0acc  [ 0B7A93AC79CF22D071EA5C4B6CAA3DD2 ] \Device\Harddisk0\DR0\Partition4
11:26:05.0385 0x0acc  \Device\Harddisk0\DR0\Partition4 - ok
11:26:05.0418 0x0acc  [ 6CFF3B307F5858E0B9473225B51F91E1 ] \Device\Harddisk0\DR0\Partition5
11:26:05.0420 0x0acc  \Device\Harddisk0\DR0\Partition5 - ok
11:26:05.0421 0x0acc  ============================================================
11:26:05.0421 0x0acc  Scan finished
11:26:05.0421 0x0acc  ============================================================
11:26:05.0434 0x0cec  Detected object count: 2
11:26:05.0434 0x0cec  Actual detected object count: 2
11:26:40.0923 0x0cec  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:26:40.0923 0x0cec  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:26:40.0927 0x0cec  IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
11:26:40.0927 0x0cec  IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip 
 

 



#4 esteban63

Posted 04 September 2013 - 10:46 AM

# AdwCleaner v3.002 - Report created 04/09/2013 at 11:36:09
# Updated 01/09/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Steve - STEVEPC
# Running from : C:\Users\Steve\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\HDvidCodec.com
Folder Found C:\Program Files (x86)\mixidj
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\BrowserProtect
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\59ed98bb56fbd17
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\59ed98bb56fbd17
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3291326
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\InfoAtoms
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\PIP
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
 
-\\ Mozilla Firefox v23.0.1 (en-US)
 
[ File : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\nu5vnelm.default\prefs.js ]
 
 
-\\ Google Chrome v29.0.1547.62
 
[ File : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup
 
*************************
 
AdwCleaner[R0].txt - [4095 octets] - [04/09/2013 11:36:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4155 octets] ##########


#5 esteban63

Posted 04 September 2013 - 10:49 AM

Farbar Service Scanner Version: 28-08-2013
Ran by Steve (administrator) on 04-09-2013 at 11:48:28
Running from "C:\Users\Steve\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#6 esteban63

Posted 04 September 2013 - 10:54 AM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Steve (administrator) on 04-09-2013 at 11:50:57
Running from "C:\Users\Steve\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 14" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : StevePC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #3
   Physical Address. . . . . . . . . : 12-68-9D-C3-CA-08
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 20-68-9D-C3-CA-08
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5551:8c91:ff01:22e7%20(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.8(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 4, 2013 10:51:46 AM
   Lease Expires . . . . . . . . . . : Wednesday, September 4, 2013 12:21:46 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 220227741
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-9B-17-37-84-34-97-7E-BF-79
   DNS Servers . . . . . . . . . . . : 65.32.5.111
                                       65.32.5.112
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 84-34-97-7E-BF-79
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:20c3:2bc2:3f57:fff7(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::20c3:2bc2:3f57:fff7%16(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{758C6A34-F00D-4CA3-B3B2-43F0384DE3E5}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-redir-lb-01.tampabay.rr.com
Address:  65.32.5.111
 
Name:    google.com
Addresses:  2607:f8b0:4008:803::1005
 74.125.229.198
 74.125.229.199
 74.125.229.200
 74.125.229.201
 74.125.229.206
 74.125.229.192
 74.125.229.193
 74.125.229.194
 74.125.229.195
 74.125.229.196
 74.125.229.197
 
 
Pinging google.com [74.125.229.206] with 32 bytes of data:
Reply from 74.125.229.206: bytes=32 time=27ms TTL=51
Reply from 74.125.229.206: bytes=32 time=71ms TTL=51
 
Ping statistics for 74.125.229.206:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 71ms, Average = 49ms
Server:  dns-redir-lb-01.tampabay.rr.com
Address:  65.32.5.111
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=180ms TTL=45
Reply from 206.190.36.45: bytes=32 time=120ms TTL=45
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 120ms, Maximum = 180ms, Average = 150ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=10ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 5ms, Maximum = 10ms, Average = 7ms
===========================================================================
Interface List
 21...12 68 9d c3 ca 08 ......Microsoft Wi-Fi Direct Virtual Adapter #3
 20...20 68 9d c3 ca 08 ......Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
 13...84 34 97 7e bf 79 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.8     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.8    281
      192.168.0.8  255.255.255.255         On-link       192.168.0.8    281
    192.168.0.255  255.255.255.255         On-link       192.168.0.8    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.8    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.8    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 16    306 2001::/32                On-link
 16    306 2001:0:5ef5:79fd:20c3:2bc2:3f57:fff7/128
                                    On-link
 20    281 fe80::/64                On-link
 16    306 fe80::/64                On-link
 16    306 fe80::20c3:2bc2:3f57:fff7/128
                                    On-link
 20    281 fe80::5551:8c91:ff01:22e7/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 20    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/04/2013 09:46:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1482
 
Error: (09/04/2013 09:46:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1482
 
Error: (09/04/2013 09:46:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/04/2013 09:32:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (09/04/2013 09:32:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
 
Error: (09/04/2013 09:29:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (09/04/2013 09:27:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
 
Error: (09/04/2013 08:56:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29334381
 
Error: (09/04/2013 08:56:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29334381
 
Error: (09/04/2013 08:56:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (08/30/2013 04:48:34 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD}
 
Error: (08/30/2013 04:48:34 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD}
 
Error: (08/30/2013 04:48:34 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD}
 
Error: (08/30/2013 07:34:45 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (08/17/2013 09:03:39 PM) (Source: Service Control Manager) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error: 
%%2
 
Error: (08/17/2013 09:03:39 PM) (Source: Service Control Manager) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error: 
%%2
 
Error: (07/24/2013 03:11:01 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (07/18/2013 00:17:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Update for Windows 8 for x64-based Systems (KB2822241).
 
Error: (07/17/2013 03:47:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Update for Windows 8 for x64-based Systems (KB2822241).
 
Error: (07/15/2013 01:04:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f082f: Update for Windows 8 for x64-based Systems (KB2822241).
 
 
Microsoft Office Sessions:
=========================
Error: (09/04/2013 09:46:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1482
 
Error: (09/04/2013 09:46:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1482
 
Error: (09/04/2013 09:46:12 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/04/2013 09:32:11 AM) (Source: SideBySide)(User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2
 
Error: (09/04/2013 09:32:00 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe
 
Error: (09/04/2013 09:29:44 AM) (Source: SideBySide)(User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2
 
Error: (09/04/2013 09:27:08 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe
 
Error: (09/04/2013 08:56:18 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29334381
 
Error: (09/04/2013 08:56:18 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29334381
 
Error: (09/04/2013 08:56:18 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-06-07 11:19:13.683
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-07 11:18:39.728
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-07 11:18:06.230
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-07 11:16:04.752
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-07 11:15:54.203
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-07 11:05:22.569
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-07 10:40:24.693
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-07 10:14:06.316
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-07 10:14:06.265
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-06 20:56:06.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
4 Elements II (Version: 2.2.0.98)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Quick Stream (Version: 3.3.26.0)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Bejeweled 3 (Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Build-a-lot 4 - Power Source (Version: 2.2.0.98)
Calyx Installer (Version: 1.0.0.371)
CCleaner (Version: 4.05)
Chuzzle Deluxe (Version: 2.2.0.95)
Cradle Of Egypt Collector's Edition (Version: 2.2.0.98)
Cradle of Rome 2 (Version: 2.2.0.98)
CyberLink LabelPrint (Version: 2.5.1.5407)
CyberLink Media Suite 10 (Version: 10.0.2.2114)
CyberLink PhotoDirector (Version: 2.0.2.3317)
CyberLink Power2Go 8 (Version: 8.0.2.2110)
CyberLink PowerDirector 10 (Version: 10.0.3.2817)
CyberLink PowerDVD (Version: 10.0.6.4319)
CyberLink YouCam (Version: 3.5.6.6119)
Energy Star (Version: 1.0.8)
Farm Frenzy (Version: 2.2.0.98)
FATE: The Cursed King (Version: 2.2.0.97)
Final Drive Fury (Version: 2.2.0.95)
FlatOut 2 (Version: 2.2.0.98)
Google Chrome (Version: 29.0.1547.62)
Google Drive (Version: 1.11.4865.2530)
Google Talk Plugin (Version: 4.5.3.14917)
Google Update Helper (Version: 1.3.21.153)
GoToMeeting 5.5.0.1132 (Version: 5.5.0.1132)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
Hoyle Card Games (Version: 2.2.0.95)
HP 3D DriveGuard (Version: 4.2.9.1)
HP Connected Music (Meridian - installer) (Version: v1.0)
HP CoolSense (Version: 2.10.51)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP Games (Version: 1.0.3.0)
HP MyRoom (Version: 9.0.0.0)
HP Postscript Converter (Version: 3.1.3554)
HP Quick Launch (Version: 3.0.6)
HP Recovery Manager (Version: 7.00)
HP Registration Service (Version: 1.0.5976.4186)
HP Software Framework (Version: 4.6.10.1)
HP Support Assistant (Version: 7.0.39.15)
HP Utility Center (Version: 1.0.7)
HP Wireless Button Driver (Version: 1.0.6.1)
IDT Audio (Version: 1.0.6425.0)
iTunes (Version: 11.0.5.5)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Jewel Match 3 (Version: 2.2.0.98)
John Deere Drive Green (Version: 2.2.0.95)
LG PC Suite (Version: 5.2.33.20130406)
LG United Mobile Drivers (Version: 3.8.1)
Luxor Evolved (Version: 2.2.0.98)
Mahjongg Dimensions Deluxe: Tiles in Time (Version: 2.2.0.98)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (Version: 17.0.2003.1112)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mortimer Beckett and the Crimson Thief Premium Edition (Version: 2.2.0.98)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
Mystery P.I. - Curious Case of Counterfeit Cove (Version: 2.2.0.98)
Nitro Reader 3 (Version: 3.5.2.10)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Peggle Nights (Version: 2.2.0.98)
Penguins! (Version: 2.2.0.98)
Point 8.0 (Version: 8.0.1467)
Point 8.1 (Version: 8.1.1493)
Point Old Verison Clean up Tool
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
Qualcomm Atheros Driver Installation Program (Version: 10.0)
QuickTime (Version: 7.74.80.86)
Realtek Ethernet Controller Driver (Version: 8.3.730.2012)
Realtek PCIE Card Reader (Version: 6.2.8400.29029)
Roads of Rome 3 (Version: 2.2.0.98)
Spotify (Version: 0.9.1.57.ge7405149)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.10.12)
Tales of Lagoona (Version: 2.2.0.110)
Update Installer for WildTangent Games App
Vacation Quest™ - Australia (Version: 2.2.0.98)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Version: 4.0.9.6)
WinZip 17.5 (Version: 17.5.10480)
Zuma's Revenge (Version: 2.2.0.98)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 50%
Total physical RAM: 3554.26 MB
Available physical RAM: 1765.25 MB
Total Pagefile: 4706.26 MB
Available Pagefile: 2347.61 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.03 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:570.04 GB) (Free:511.3 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:25.36 GB) (Free:3.02 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\STEVEPC
 
Administrator            bevgr_000                Guest                    
Steve                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
30-08-2013 11:41:32 Scheduled Checkpoint
 
**** End of log ****


Thank you for your help thus far. Hope I did it right.



#7 dev00790


Posted 04 September 2013 - 06:09 PM

Hi
 
Please do the following next:
 
Step 1:

Launch Malwarebytes' Anti-Malware (aka MBAM).

  • Check for updates. If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

If requested by MBAM, restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


Step 2:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed anti-virus; how to do so can be read here.

Note: Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Step 3:

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

Step 4:

How is the computer running now?


Edited by dev00790, 04 September 2013 - 06:10 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"
I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#8 esteban63


Posted 05 September 2013 - 04:41 PM

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.03.08
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Steve :: STEVEPC [administrator]
 
Protection: Enabled
 
9/5/2013 4:24:07 PM
mbam-log-2013-09-05 (16-24-07).txt
 
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 447907
Time elapsed: 1 hour(s), 12 minute(s), 38 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Steve\AppData\Local\Temp\J5QtGhh_.exe.part (PUP.Optional.IBryte) -> Quarantined and deleted successfully.
 
(end)


#9 dev00790


Posted 06 September 2013 - 05:00 AM

Hi. Please post the ESET and AdwCleaner logs also.

I'm away until Tuesday GMT. I will not have access to a computer in this time, but will occasionally use mobile where I can.


Regards, dev00790



#10 esteban63


Posted 07 September 2013 - 12:56 PM

ESET

 

C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\mixidjTlbr.dll a variant of Win32/Toolbar.Montiera.F application cleaned by deleting - quarantined
C:\Program Files (x86)\OpenDownloaderManager\fttsetup.exe multiple threats cleaned by deleting - quarantined
C:\Users\Steve\Documents\APNSetup.exe Win32/Bundled.Toolbar.Ask.B application deleted - quarantined
C:\Users\Steve\Google Drive\Documents\Documents\APNSetup.exe Win32/Bundled.Toolbar.Ask.B application deleted - quarantined
 

AdwCleaner

# AdwCleaner v3.003 - Report created 07/09/2013 at 13:44:37
# Updated 07/09/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Steve - STEVEPC
# Running from : C:\Users\Steve\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
Folder Deleted : C:\Program Files (x86)\mixidj
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\eBay.lnk
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKCU\Software\59ed98bb56fbd17
Key Deleted : HKLM\SOFTWARE\59ed98bb56fbd17
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3291326
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\PIP
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
 
-\\ Mozilla Firefox v23.0.1 (en-US)
 
[ File : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\nu5vnelm.default\prefs.js ]
 
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : urls_to_restore_on_startup
 
*************************
 
AdwCleaner[R0].txt - [4255 octets] - [04/09/2013 11:36:09]
AdwCleaner[R1].txt - [4151 octets] - [07/09/2013 12:21:28]
AdwCleaner[S0].txt - [4006 octets] - [07/09/2013 13:44:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4066 octets] ##########
 

So far so good with computer.  Thanks much for your obvious expertise and help!
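An added example, not part of the thread or of any tool used in it: the AdwCleaner log above shows `urls_to_restore_on_startup` being deleted from Chrome's Preferences file, and this read-only check lists which homepage, startup and search URLs in such a file still match product names seen in the logs. The watchlist, the key paths and the sample data are assumptions constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Keywords from product names in this thread's logs (assumed watchlist).
WATCHLIST = ("delta-search", "babylon", "conduit", "sweetim")

# Preference paths that decide which pages Chrome opens or searches with.
# Key names follow older Preferences layouts; verify against your own file.
URL_PREFS = ("homepage", "session.urls_to_restore_on_startup",
             "session.startup_urls", "default_search_provider.search_url")

def lookup(prefs, dotted):
    """Follow a dotted path through nested dicts; None if any part is missing."""
    node = prefs
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node

def audit_prefs(prefs, watchlist=WATCHLIST):
    """Return (pref_path, url) pairs whose hostname contains a watchlist keyword."""
    findings = []
    for path in URL_PREFS:
        value = lookup(prefs, path)
        for url in value if isinstance(value, list) else [value]:
            if not isinstance(url, str):
                continue
            host = (urlsplit(url).hostname or "").lower()
            if any(word in host for word in watchlist):
                findings.append((path, url))
    return findings

def audit_file(path):
    """Load a Preferences file (UTF-8 JSON) and audit it."""
    with open(path, encoding="utf-8") as handle:
        return audit_prefs(json.load(handle))

# Constructed sample shaped like a Preferences file (not data from the thread).
SAMPLE = {
    "homepage": "http://www.delta-search.example/?affID=0",
    "session": {"urls_to_restore_on_startup": [
        "http://www.delta-search.example/", "https://mail.google.com/"]},
    "default_search_provider": {
        "search_url": "https://www.google.com/search?q={searchTerms}"},
}
```

Close Chrome before pointing `audit_file` at a live profile so the file is not being rewritten while it is read.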



#11 dev00790


Posted 09 September 2013 - 01:25 PM

Hi

Please do the following next:

Step 1

Online Gaming Warning!

Online gaming sites are a security risk which can make your computer susceptible to a large number of malware infections, remote attacks, exposure of personal information, and identity theft. They can lead to other sites containing malware which you can inadvertently download without knowledge. Users visiting such sites may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Gaming sites can put you at risk of fraud, phishing and theft of personal data. Even if the gaming site is a clean site, there is always the potential of some type of malware making its way there and then onto your system. In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. In those cases, recovery is not possible and the only option is to reformat/reinstall the OS.

More specifically, I noticed you had WildTangent on your computer.

WildTangent Program Warning

Wild Tangent is a video game software company specializing in online games. It has even made a partnership with AOL to include itself as part of the AOL Instant Messenger for their AIM games section. The WildTangent Web Driver is their technology that allows you to play 3D games over the Internet. Although it's not technically considered spyware, it does have built-in components to update itself and gather information about the computer system, including:

  • Operating System Version
  • CPU Type and Speed
  • Memory Amount
  • Video Card type and Driver Version
  • Sound Card type and Driver Version
  • DirectX Version
  • Location that the Web Driver was installed from

For that reason I would suggest you uninstall it via add/remove or Programs and Features.

Reboot after the uninstallation. <- Important.

Step 2

Important Note: Your version of Adobe Shockwave Player is out of date.

Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

Uninstall Adobe Shockwave

  • Open Programs and Features or Add and Remove Programs by clicking the Start / Windows "Orb" button, clicking Control Panel, clicking Programs, and then clicking Programs and Features or Add and Remove Programs.
  • Select any program with Adobe Shockwave in the name, and then click Uninstall.
  • Repeat step 2 until no more programs containing Adobe Shockwave are visible.

Note: Some programs include the option to change or repair the program in addition to uninstalling it, but many simply offer the option to uninstall. To change a program, click Change or Repair. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

Please follow these steps to install the latest Adobe Shockwave player:

Step 3

FINAL STEPS

If you are not experiencing any other malware-related issues, it is time to do our final steps:

  • Any programs that we had you download and/or install can be removed at this time.
  • If you used DeFogger to disable your Disk Emulation Software, you can reopen DeFogger and use the "Enable" button.
  • You can download this tool to delete more traces of our tools. Delete the tool itself afterwards.
  • Toggle System Restore OFF and then back ON.
  • You should delete your old, potentially infected System Restore points and create a new, clean restore point.
    • If you are using Windows XP, read and follow the steps on "How to turn off or turn on System Restore" from this link.
    • If you are using Windows Vista, read and follow the steps on "How do I turn System Restore on and off?" followed by "How do I create a restore point manually?" from this link.
    • If you are using Windows 7, read and follow the steps on "To delete all restore points" from this link followed by "Create a restore point" from this link.
    • If you are using Windows 8, read and follow the steps on "Disabling System Restore" from this link followed by "Manually Creating Restore Points" from this link.
  • Recommended reading material to protect your computer from infection in the future:

Be safe



Edited by dev00790, 09 September 2013 - 01:26 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#12 esteban63


Posted 09 September 2013 - 03:21 PM

Ugggh! After uninstalling Wild Tangent and rebooting, I signed into Google and the same Delta Search tab, along with other multiple, annoying tabs are showing up again in Chrome.  I presume I should wait for further instructs before proceeding with the other steps listed?

Thank you VERY much for all of your help by the way.  I am truly blown away by the responsiveness, expertise and willingness to help.

Steve



#13 dev00790


Posted 09 September 2013 - 03:54 PM

Ok let's try a different tool:
 
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Regards, dev00790



#14 esteban63


Posted 09 September 2013 - 04:51 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Windows 8 x64
Ran by Steve on Mon 09/09/2013 at 17:36:18.32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
 
~~~ Files


#15 dev00790


Posted 10 September 2013 - 06:48 PM

Hi

> Thank you VERY much for all of your help by the way.  I am truly blown away by the responsiveness, expertise and willingness to help.

You're welcome :)

> Ugggh! After uninstalling Wild Tangent and rebooting, I signed into Google and the same Delta Search tab, along with other multiple, annoying tabs are showing up again in Chrome.

- Do you still get this now?


Regards, dev00790
