Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer is acting strange, mbam found multiple trojans


  • Please log in to reply
12 replies to this topic

#1 mercuryrsng

mercuryrsng

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 01 October 2013 - 08:42 PM

I have this laptop that is giving me some problems.  I ran a Malwarebytes AntiMalware scan and it found (and deleted) multiple trojan files.  I can produce that result as requested.   I was having issues connecting to the internet only with Chrome, so I checked the firewall settings and they had been altered.  I am helping a friend out and he doesn't know how to alter anything like that.  He's pretty computer illeterate.  Can I have some guidance so that I may know that there isn't anything strange going on?

 

Thanks.



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:07 PM

Posted 01 October 2013 - 08:49 PM

Is this the same laptop we looked at a few days ago? If it is and still acting up then I suggest you do this to get a deeper look.

Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 01 October 2013 - 08:54 PM

No this is actually a new computer. I have apparently become my friends and families "fix this please" guy.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:07 PM

Posted 01 October 2013 - 09:07 PM

OK,then run these so we can see what's up.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.
ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • Last run ESET.
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the esetonlinebtn.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 01 October 2013 - 09:26 PM

I ran some of these last night.  I am really trying to learn this process on my own.  Is there anywhere that I can go to learn more about Mini Toolbox and how it works?
 
I will post ESET after it's done since it usually takes longer.
 
Also I am posting the mbam results log too.
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.10.01.01
 
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]
 
9/30/2013 10:38:25 PM
mbam-log-2013-09-30 (22-38-25).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212472
Time elapsed: 18 minute(s), 23 second(s)
 
Memory Processes Detected: 2
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 2864 -> Delete on reboot.
C:\Windows\System32\dmwu.exe (Adware.InstallBrain) -> 1064 -> Delete on reboot.
 
Memory Modules Detected: 2
C:\Program Files\FriendsChecker\IE\common.dll (PUP.Optional.SafeMonitor.A) -> Delete on reboot.
C:\Program Files\Updater By SweetPacks\Extension32.dll (PUP.Optional.SweetPacks) -> Delete on reboot.
 
Registry Keys Detected: 32
HKLM\SYSTEM\CurrentControlSet\Services\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{44ed99e2-16a6-4b89-80d6-5b21cf42e78b} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
HKCR\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
HKCR\DynConIE.DynConIEObject.1 (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
HKCR\DynConIE.DynConIEObject (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Extension.ExtensionHelperObject.1 (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Extension.ExtensionHelperObject (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162} (PUP.Optional.Crossrider) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0} (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
HKCR\Interface\{3CE44CA0-188E-4B18-9B74-C9AF88493573} (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DomaIQ (PUP.Optional.DomaIQ.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (Adware.InstallBrain) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1 (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 4
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data: C:\Program Files\Updater By SweetPacks\Firefox -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} (PUP.Optional.SweetPacks) -> Data:  -> Quarantined and deleted successfully.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {5F77FA6F-A2F8-11E2-BCF1-00A0C6000000} -> Quarantined and deleted successfully.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {5F77FA6F-A2F8-11E2-BCF1-00A0C6000000} -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://www.inbox.com/homepage.aspx?tbid=80116&lng=en) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.SweetPacks) -> Bad: (http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={5F77FA6F-A2F8-11E2-BCF1-00A0C6000000}) Good: (http://www.google.com) -> Quarantined and repaired successfully.
 
Folders Detected: 31
C:\Users\Owner\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Delete on reboot.
C:\Program Files\Updater By SweetPacks\Firefox (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\libraries (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\resources (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale\en-US (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\skin (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\defaults (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\defaults\preferences (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\libraries (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\resources (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.16.16 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\ct3239904 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\ct3287768 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\ct3289847 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files\SweetIM\Toolbars (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
 
Files Detected: 82
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Delete on reboot.
C:\Program Files\FriendsChecker\IE\common.dll (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Extension32.dll (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Windows\System32\roboot.exe (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsn5E0A.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\awh80D.tmp (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\DM\seFtNGJNVPgsJ7v\OfferBrokerage_14003.exe (PUP.Optional.OfferBroker.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\DM\seFtNGJNVPgsJ7v\setup__120.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\DM\seFtNGJNVPgsJ7v\software\Setup__120_i10027014.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\ct3289847\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\ct3289847\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\Downloads\setup.exe (PUP.Optional.IBryte.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\playlist.vpl (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\config.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_181.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_191.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_193.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_199.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_200.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_201.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_204.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_221.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_224.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_28.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_34.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_37.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_49.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_57.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_86.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_99.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_103.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_11.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_120.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_121.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_122.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_123.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_124.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_125.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_126.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_127.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_136.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_137.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_140.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_141.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_149.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_150.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_160.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\player\images\channel_ld_165.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\speedanalysis.ico (PUP.Optional.SpeedAnalysis2.A) -> Quarantined and deleted successfully.
C:\Windows\System32\dmwu.exe (Adware.InstallBrain) -> Delete on reboot.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\DGChrome.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\InstallerHelper.dll (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\source.crx (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\unins000.dat (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\unins000.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome.manifest (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\install.rdf (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\main.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\main.js.bak (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\main.xul (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\resources\localscript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale\en-US\overlay.dtd (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\skin\overlay.css (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\defaults\preferences\defaults.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\resources\localscript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\ct3289847\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\ct3289847\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
(end)
 
 
 
MiniToolBox by Farbar  Version: 13-07-2013
Ran by Owner (administrator) on 01-10-2013 at 00:32:42
Running from "C:\Users\Owner\Downloads"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
::1             localhost
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 4" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection 5" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Owner-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
   Physical Address. . . . . . . . . : 00-1E-65-66-4D-28
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9a0:ec09:63fd:abd%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.17(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, October 01, 2013 12:02:59 AM
   Lease Expires . . . . . . . . . . : Wednesday, October 02, 2013 12:02:59 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234888805
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-13-3B-F6-00-1E-65-66-4D-28
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hvc.rr.com
   Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-1F-16-E3-30-D4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 6:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{A083BC2B-A55C-4D41-9C6A-C8E360749A32}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:14bd:3d2d:3f57:feee(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::14bd:3d2d:3f57:feee%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 15:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 16:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 17:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 18:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 22:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{F6ECDE35-7959-47D1-B44E-3B215DA17196}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 21:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.hvc.rr.com
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 25:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{F6ECDE35-7959-47D1-B44E-3B215DA17196}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 36:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{A1E50CAE-1B00-46FD-80CC-1DE758CBD49D}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 31:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{F6ECDE35-7959-47D1-B44E-3B215DA17196}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4006:801::1006
 173.194.43.5
 173.194.43.6
 173.194.43.7
 173.194.43.8
 173.194.43.9
 173.194.43.14
 173.194.43.0
 173.194.43.1
 173.194.43.2
 173.194.43.3
 173.194.43.4
 
 
 
Pinging google.com [173.194.43.2] with 32 bytes of data:
 
Reply from 173.194.43.2: bytes=32 time=28ms TTL=52
 
Reply from 173.194.43.2: bytes=32 time=26ms TTL=52
 
 
 
Ping statistics for 173.194.43.2:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 26ms, Maximum = 28ms, Average = 27ms
 
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=98ms TTL=44
 
Reply from 206.190.36.45: bytes=32 time=98ms TTL=44
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 98ms, Maximum = 98ms, Average = 98ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 11 ...00 1e 65 66 4d 28 ...... Intel® WiFi Link 5100 AGN
 10 ...00 1f 16 e3 30 d4 ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
  1 ........................... Software Loopback Interface 1
 23 ...00 00 00 00 00 00 00 e0  isatap.{A083BC2B-A55C-4D41-9C6A-C8E360749A32}
 13 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 14 ...00 00 00 00 00 00 00 e0  Microsoft 6to4 Adapter #2
 15 ...00 00 00 00 00 00 00 e0  Microsoft 6to4 Adapter #3
 16 ...00 00 00 00 00 00 00 e0  Microsoft 6to4 Adapter #4
 17 ...00 00 00 00 00 00 00 e0  Microsoft 6to4 Adapter #5
 18 ...00 00 00 00 00 00 00 e0  Microsoft 6to4 Adapter #6
 25 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter #3
 29 ...00 00 00 00 00 00 00 e0  isatap.{F6ECDE35-7959-47D1-B44E-3B215DA17196}
 27 ...00 00 00 00 00 00 00 e0  isatap.hvc.rr.com
 32 ...00 00 00 00 00 00 00 e0  isatap.{F6ECDE35-7959-47D1-B44E-3B215DA17196}
 43 ...00 00 00 00 00 00 00 e0  isatap.{A1E50CAE-1B00-46FD-80CC-1DE758CBD49D}
 38 ...00 00 00 00 00 00 00 e0  isatap.{F6ECDE35-7959-47D1-B44E-3B215DA17196}
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.17     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.17    281
     192.168.1.17  255.255.255.255         On-link      192.168.1.17    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.17    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.17    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.17    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     18 2001::/32                On-link
 12    266 2001:0:9d38:6ab8:14bd:3d2d:3f57:feee/128
                                    On-link
 11    281 fe80::/64                On-link
 12    266 fe80::/64                On-link
 11    281 fe80::9a0:ec09:63fd:abd/128
                                    On-link
 12    266 fe80::14bd:3d2d:3f57:feee/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/01/2013 00:04:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/30/2013 10:31:09 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (09/30/2013 10:31:09 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (09/30/2013 10:29:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/30/2013 10:19:39 PM) (Source: Google Update) (User: Owner-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (09/30/2013 10:55:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/29/2013 10:19:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/29/2013 10:10:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/29/2013 05:18:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/29/2013 04:56:33 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (10/01/2013 00:04:29 AM) (Source: Service Control Manager) (User: )
Description: SRTSP
SRTSPX
 
Error: (10/01/2013 00:04:28 AM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service
 
Error: (10/01/2013 00:04:25 AM) (Source: Service Control Manager) (User: )
Description: Norton Internet Security%%3
 
Error: (10/01/2013 00:04:25 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (09/30/2013 10:30:14 PM) (Source: Service Control Manager) (User: )
Description: SRTSP
SRTSPX
 
Error: (09/30/2013 10:30:14 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service
 
Error: (09/30/2013 10:29:58 PM) (Source: Service Control Manager) (User: )
Description: Norton Internet Security%%3
 
Error: (09/30/2013 10:29:58 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (09/30/2013 10:28:18 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:19:31 PM on 9/30/2013 was unexpected.
 
Error: (09/30/2013 10:27:05 PM) (Source: Service Control Manager) (User: )
Description: 30000VZWConfigService
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-04-25 15:33:59.505
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-25 15:33:59.395
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-25 15:33:59.286
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-25 15:33:59.176
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-25 15:33:59.003
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 3.8.0.1430)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
Adobe Reader 9 (Version: 9.0.0)
Adobe Shockwave Player (Version: 11.0)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
BufferChm (Version: 100.0.170.000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.58.0.0)
CyberLink DVD Suite (Version: 6.0.2203)
CyberLink YouCam (Version: 2.0.2328)
D4300 (Version: 100.0.206.000)
D4300_Help (Version: 100.0.206.000)
DeviceDiscovery (Version: 100.0.190.000)
DJ_SF_03_D4300_ProductContext (Version: 100.0.215.000)
DJ_SF_03_D4300_Software (Version: 100.0.206.000)
DJ_SF_03_D4300_Software_Min (Version: 100.0.206.000)
dj_sf_ProductContext (Version: 90.0.235.000)
dj_sf_software (Version: 90.0.235.000)
dj_sf_software_req (Version: 90.0.235.000)
DomaIQ
Download Updater (AOL LLC)
ESU for Microsoft Vista (Version: 1.0.0)
eSupportQFolder (Version: 1.00.0000)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
FlashPlayer (Version: 1.6.8)
FriendsChecker (Version: 2.5.54)
Google Chrome (Version: 29.0.1547.76)
Google Update Helper (Version: 1.3.21.153)
GPBaseService (Version: 100.0.187.000)
HDAUDIO Soft Data Fax Modem with SmartCP
HP Active Support Library (Version: 3.1.9.1)
HP Customer Experience Enhancements (Version: 5.7.0.2664)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Deskjet D4300 Printer Driver Software 10.0 Rel .3 (Version: 10.0)
HP Deskjet Printer Driver Software 9.0 (Version: 9.0)
HP Doc Viewer (Version: 1.03.0001)
HP DVD Play 3.7 (Version: 3.7.0.5723)
HP Help and Support (Version: 2.1.2.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Quick Launch Buttons 6.40 H2 (Version: 6.40 H2)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 10.0 (Version: 10.0)
HP Total Care Advisor (Version: 2.4.4941.2798)
HP Total Care Advisor (Version: 2.4.6651.2902)
HP Total Care Setup (Version: 1.1.1983.2818)
HP Update (Version: 5.005.000.002)
HP User Guides 0118 (Version: 1.01.0000)
HP Wireless Assistant (Version: 3.00 K2)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HPDiagnosticAlert (Version: 1.00.0000)
HPNetworkAssistant (Version: 1.1.70)
HPProductAssistant (Version: 100.0.170.000)
IB Updater Service (Version: 3.0.5.3)
InfoAtoms (Version: 1.6.0.1)
Intel® Graphics Media Accelerator Driver
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
LabelPrint (Version: 2.5.0926)
LightScribe System Software  1.14.17.1 (Version: 1.14.17.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 100.0.170.000)
McAfee Internet Security (Version: 10.5.221)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 9.7.0621)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetWaiting (Version: 2.5.52)
Norton Internet Security (Version: 16.0.0.125)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PanoStandAlone (Version: 90.0.146.000)
PANTECH USB Modem V2 (Version: 1.2.4151.1109)
Power2Go (Version: 6.0.2202)
PowerDirector (Version: 7.0.2201)
PSSWCORE (Version: 2.02.0000)
QuickTime (Version: 7.73.80.64)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 100.0.175.000)
Status (Version: 100.0.175.000)
SUPERAntiSpyware (Version: 5.6.1020)
Synaptics Pointing Device Driver (Version: 11.1.3.0)
Toolbox (Version: 100.0.170.000)
TrayApp (Version: 100.0.170.000)
UnloadSupport (Version: 10.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon Mobile Broadband Drivers (Version: 3.10.005.002.09)
VideoToolkit01 (Version: 100.0.128.000)
VZAccess Manager (Version: 7.6.3.1)
Web Launcher (Version: 1.0.0.20)
WebReg (Version: 100.0.170.000)
Yahoo! Messenger
Zoosk Messenger (Version: 4.157.2)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 47%
Total physical RAM: 3002.45 MB
Available physical RAM: 1563.34 MB
Total Pagefile: 6211.15 MB
Available Pagefile: 4339.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.09 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:287.17 GB) (Free:209.5 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10.92 GB) (Free:1.82 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\OWNER-PC
 
Administrator            ASPNET                   Guest                    
Owner                    
 
 
**** End of log ****
 
 
 
00:33:16.0108 0x1758  TDSS rootkit removing tool 3.0.0.11 Sep 30 2013 09:17:03
00:33:17.0453 0x1758  ============================================================
00:33:17.0453 0x1758  Current date / time: 2013/10/01 00:33:17.0453
00:33:17.0453 0x1758  SystemInfo:
00:33:17.0453 0x1758  
00:33:17.0453 0x1758  OS Version: 6.0.6002 ServicePack: 2.0
00:33:17.0453 0x1758  Product type: Workstation
00:33:17.0453 0x1758  ComputerName: OWNER-PC
00:33:17.0454 0x1758  UserName: Owner
00:33:17.0454 0x1758  Windows directory: C:\Windows
00:33:17.0454 0x1758  System windows directory: C:\Windows
00:33:17.0454 0x1758  Processor architecture: Intel x86
00:33:17.0454 0x1758  Number of processors: 2
00:33:17.0454 0x1758  Page size: 0x1000
00:33:17.0454 0x1758  Boot type: Normal boot
00:33:17.0454 0x1758  ============================================================
00:33:20.0515 0x1758  System UUID: {78E6E0AC-F84D-DE1F-47CB-7E44F7C995E8}
00:33:21.0052 0x1758  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x13135, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x7F, Type 'K0', Flags 0x00000050
00:33:21.0054 0x1758  ============================================================
00:33:21.0054 0x1758  \Device\Harddisk0\DR0:
00:33:21.0055 0x1758  MBR partitions:
00:33:21.0055 0x1758  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23E55000
00:33:21.0055 0x1758  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23E55800, BlocksNum 0x15D7800
00:33:21.0055 0x1758  ============================================================
00:33:21.0075 0x1758  C: <-> \Device\Harddisk0\DR0\Partition1
00:33:21.0128 0x1758  D: <-> \Device\Harddisk0\DR0\Partition2
00:33:21.0128 0x1758  ============================================================
00:33:21.0128 0x1758  Initialize success
00:33:21.0128 0x1758  ============================================================
00:34:56.0817 0x0d0c  ============================================================
00:34:56.0817 0x0d0c  Scan started
00:34:56.0818 0x0d0c  Mode: Manual; 
00:34:56.0818 0x0d0c  ============================================================
00:34:56.0818 0x0d0c  KSN ping started
00:34:59.0603 0x0d0c  KSN ping finished: true
00:35:00.0832 0x0d0c  ================ Scan system memory ========================
00:35:00.0832 0x0d0c  System memory - ok
00:35:00.0832 0x0d0c  ================ Scan services =============================
00:35:00.0918 0x0d0c  [ 44C85670246E4183650EF0E664346DDC, 684AB771D707E181C831C3BF0162D5B0B5A1E089400DD3C741D212D7D25AECF1 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
00:35:00.0923 0x0d0c  !SASCORE - ok
00:35:01.0097 0x0d0c  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
00:35:01.0106 0x0d0c  ACPI - ok
00:35:01.0158 0x0d0c  [ 24A0876D07EF356DCBC1D7A7929354AB, 765653E856EC5841DB851363E7C7CFC332D3605789ECD0998762F60ADD56A0D8 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:35:01.0166 0x0d0c  AdobeFlashPlayerUpdateSvc - ok
00:35:01.0208 0x0d0c  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
00:35:01.0224 0x0d0c  adp94xx - ok
00:35:01.0241 0x0d0c  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
00:35:01.0253 0x0d0c  adpahci - ok
00:35:01.0273 0x0d0c  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
00:35:01.0278 0x0d0c  adpu160m - ok
00:35:01.0309 0x0d0c  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
00:35:01.0316 0x0d0c  adpu320 - ok
00:35:01.0361 0x0d0c  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:35:01.0362 0x0d0c  AeLookupSvc - ok
00:35:01.0418 0x0d0c  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD             C:\Windows\system32\drivers\afd.sys
00:35:01.0427 0x0d0c  AFD - ok
00:35:01.0449 0x0d0c  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
00:35:01.0452 0x0d0c  agp440 - ok
00:35:01.0466 0x0d0c  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
00:35:01.0469 0x0d0c  aic78xx - ok
00:35:01.0485 0x0d0c  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
00:35:01.0488 0x0d0c  ALG - ok
00:35:01.0503 0x0d0c  [ 3D76FDA1A10ACC3DC84728F55C29B6D4, E6D0FF73C7041C4F889269B91EEF3BB35467691B6EAA244F3C2AC2F65EA23C72 ] aliide          C:\Windows\system32\drivers\aliide.sys
00:35:01.0505 0x0d0c  aliide - ok
00:35:01.0532 0x0d0c  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
00:35:01.0535 0x0d0c  amdagp - ok
00:35:01.0541 0x0d0c  [ 5B92E7839F5A1FBC1B39DE67758AD6F8, 2672A666C8A2BADB01792EFFC09FCB295A3EDFFF4A2023C223F1ADBD4A8E77F2 ] amdide          C:\Windows\system32\drivers\amdide.sys
00:35:01.0542 0x0d0c  amdide - ok
00:35:01.0560 0x0d0c  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
00:35:01.0562 0x0d0c  AmdK7 - ok
00:35:01.0576 0x0d0c  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
00:35:01.0578 0x0d0c  AmdK8 - ok
00:35:01.0603 0x0d0c  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
00:35:01.0604 0x0d0c  Appinfo - ok
00:35:01.0630 0x0d0c  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
00:35:01.0633 0x0d0c  arc - ok
00:35:01.0643 0x0d0c  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
00:35:01.0646 0x0d0c  arcsas - ok
00:35:01.0767 0x0d0c  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:35:01.0770 0x0d0c  aspnet_state - ok
00:35:01.0787 0x0d0c  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:35:01.0789 0x0d0c  AsyncMac - ok
00:35:01.0818 0x0d0c  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
00:35:01.0820 0x0d0c  atapi - ok
00:35:01.0885 0x0d0c  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:35:01.0895 0x0d0c  AudioEndpointBuilder - ok
00:35:01.0911 0x0d0c  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
00:35:01.0921 0x0d0c  Audiosrv - ok
00:35:01.0949 0x0d0c  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:35:01.0951 0x0d0c  Beep - ok
00:35:01.0995 0x0d0c  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
00:35:02.0006 0x0d0c  BFE - ok
00:35:02.0091 0x0d0c  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
00:35:02.0116 0x0d0c  BITS - ok
00:35:02.0145 0x0d0c  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
00:35:02.0147 0x0d0c  blbdrive - ok
00:35:02.0202 0x0d0c  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:35:02.0206 0x0d0c  bowser - ok
00:35:02.0221 0x0d0c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
00:35:02.0223 0x0d0c  BrFiltLo - ok
00:35:02.0249 0x0d0c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
00:35:02.0251 0x0d0c  BrFiltUp - ok
00:35:02.0272 0x0d0c  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
00:35:02.0276 0x0d0c  Browser - ok
00:35:02.0302 0x0d0c  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
00:35:02.0306 0x0d0c  Brserid - ok
00:35:02.0330 0x0d0c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
00:35:02.0333 0x0d0c  BrSerWdm - ok
00:35:02.0345 0x0d0c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
00:35:02.0347 0x0d0c  BrUsbMdm - ok
00:35:02.0365 0x0d0c  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
00:35:02.0367 0x0d0c  BrUsbSer - ok
00:35:02.0386 0x0d0c  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
00:35:02.0389 0x0d0c  BTHMODEM - ok
00:35:02.0414 0x0d0c  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:35:02.0417 0x0d0c  cdfs - ok
00:35:02.0456 0x0d0c  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:35:02.0459 0x0d0c  cdrom - ok
00:35:02.0495 0x0d0c  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
00:35:02.0498 0x0d0c  CertPropSvc - ok
00:35:02.0536 0x0d0c  [ 7E6F7DA1C4DE5680820F964562548949, 5DB700DB40E368042286BE285FD05D17F186C5C92DB3955D6D806EDFFD0A0020 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
00:35:02.0539 0x0d0c  cfwids - ok
00:35:02.0573 0x0d0c  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
00:35:02.0576 0x0d0c  circlass - ok
00:35:02.0634 0x0d0c  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
00:35:02.0642 0x0d0c  CLFS - ok
00:35:02.0680 0x0d0c  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:35:02.0683 0x0d0c  clr_optimization_v2.0.50727_32 - ok
00:35:02.0721 0x0d0c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:35:02.0725 0x0d0c  clr_optimization_v4.0.30319_32 - ok
00:35:02.0752 0x0d0c  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
00:35:02.0753 0x0d0c  CmBatt - ok
00:35:02.0769 0x0d0c  [ D36372A6EA6805EFBE8884D10772313F, 243FCA697FEEBCB1F501C49DF75901C18F9BC301E693AA22EBB43F2B7CA26991 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:35:02.0770 0x0d0c  cmdide - ok
00:35:02.0813 0x0d0c  [ 1ADF6F4852E7D7E2E8AC481BDB970586, B5A89EE8E9BEE08FF99B9BEE2CC731FE023DA80DC52B575AE2B032F46445A65A ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
00:35:02.0820 0x0d0c  CnxtHdAudService - ok
00:35:02.0902 0x0d0c  [ 7795F8CEBC284A426B53F541E538695F, 1A56B32CA26505D9B1899EF4C3E1E1A815D8A36CC476691DBCE8A41109208C87 ] Com4QLBEx       C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
00:35:02.0907 0x0d0c  Com4QLBEx - ok
00:35:02.0918 0x0d0c  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
00:35:02.0920 0x0d0c  Compbatt - ok
00:35:02.0925 0x0d0c  COMSysApp - ok
00:35:02.0934 0x0d0c  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
00:35:02.0936 0x0d0c  crcdisk - ok
00:35:02.0957 0x0d0c  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
00:35:02.0959 0x0d0c  Crusoe - ok
00:35:03.0009 0x0d0c  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:35:03.0013 0x0d0c  CryptSvc - ok
00:35:03.0079 0x0d0c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:35:03.0094 0x0d0c  DcomLaunch - ok
00:35:03.0111 0x0d0c  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:35:03.0114 0x0d0c  DfsC - ok
00:35:03.0213 0x0d0c  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
00:35:03.0261 0x0d0c  DFSR - ok
00:35:03.0306 0x0d0c  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
00:35:03.0312 0x0d0c  Dhcp - ok
00:35:03.0347 0x0d0c  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
00:35:03.0350 0x0d0c  disk - ok
00:35:03.0412 0x0d0c  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:35:03.0415 0x0d0c  Dnscache - ok
00:35:03.0452 0x0d0c  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
00:35:03.0459 0x0d0c  dot3svc - ok
00:35:03.0489 0x0d0c  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
00:35:03.0494 0x0d0c  DPS - ok
00:35:03.0517 0x0d0c  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:35:03.0518 0x0d0c  drmkaud - ok
00:35:03.0575 0x0d0c  [ 5DE0FAEC9E5D1AAE74F8568897891A01, 72E57A7F3591C8ABD3C4DF9842A661049A9B6883A534630EF460D60ACFAA4C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:35:03.0592 0x0d0c  DXGKrnl - ok
00:35:03.0616 0x0d0c  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
00:35:03.0622 0x0d0c  E1G60 - ok
00:35:03.0668 0x0d0c  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
00:35:03.0671 0x0d0c  EapHost - ok
00:35:03.0719 0x0d0c  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
00:35:03.0724 0x0d0c  Ecache - ok
00:35:03.0787 0x0d0c  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:35:03.0797 0x0d0c  ehRecvr - ok
00:35:03.0813 0x0d0c  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
00:35:03.0818 0x0d0c  ehSched - ok
00:35:03.0829 0x0d0c  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
00:35:03.0831 0x0d0c  ehstart - ok
00:35:03.0867 0x0d0c  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
00:35:03.0878 0x0d0c  elxstor - ok
00:35:03.0937 0x0d0c  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
00:35:03.0951 0x0d0c  EMDMgmt - ok
00:35:03.0969 0x0d0c  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
00:35:03.0971 0x0d0c  ErrDev - ok
00:35:04.0027 0x0d0c  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
00:35:04.0034 0x0d0c  EventSystem - ok
00:35:04.0070 0x0d0c  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
00:35:04.0075 0x0d0c  exfat - ok
00:35:04.0117 0x0d0c  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:35:04.0122 0x0d0c  fastfat - ok
00:35:04.0153 0x0d0c  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
00:35:04.0155 0x0d0c  fdc - ok
00:35:04.0174 0x0d0c  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
00:35:04.0176 0x0d0c  fdPHost - ok
00:35:04.0185 0x0d0c  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:35:04.0187 0x0d0c  FDResPub - ok
00:35:04.0203 0x0d0c  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:35:04.0206 0x0d0c  FileInfo - ok
00:35:04.0225 0x0d0c  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:35:04.0227 0x0d0c  Filetrace - ok
00:35:04.0254 0x0d0c  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
00:35:04.0255 0x0d0c  flpydisk - ok
00:35:04.0302 0x0d0c  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:35:04.0309 0x0d0c  FltMgr - ok
00:35:04.0391 0x0d0c  [ 119ACA7CADCA75BEA6B38E999443BAA6, 82A2C47AD4262E85AE9E8DAC22F4E4D31115E649DA28BFA5B7C64CD9BD3F7D39 ] FontCache       C:\Windows\system32\FntCache.dll
00:35:04.0409 0x0d0c  FontCache - ok
00:35:04.0472 0x0d0c  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:35:04.0474 0x0d0c  FontCache3.0.0.0 - ok
00:35:04.0497 0x0d0c  [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:35:04.0498 0x0d0c  Fs_Rec - ok
00:35:04.0513 0x0d0c  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
00:35:04.0516 0x0d0c  gagp30kx - ok
00:35:04.0569 0x0d0c  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
00:35:04.0583 0x0d0c  gpsvc - ok
00:35:04.0661 0x0d0c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
00:35:04.0666 0x0d0c  gupdate - ok
00:35:04.0673 0x0d0c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
00:35:04.0676 0x0d0c  gupdatem - ok
00:35:04.0709 0x0d0c  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:35:04.0716 0x0d0c  HdAudAddService - ok
00:35:04.0765 0x0d0c  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
00:35:04.0778 0x0d0c  HDAudBus - ok
00:35:04.0791 0x0d0c  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
00:35:04.0793 0x0d0c  HidBth - ok
00:35:04.0815 0x0d0c  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
00:35:04.0816 0x0d0c  HidIr - ok
00:35:04.0843 0x0d0c  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
00:35:04.0845 0x0d0c  hidserv - ok
00:35:04.0860 0x0d0c  [ 3C64042B95E583B366BA4E5D2450235E, B431F9692D66188AFEE372F312581178B14F49D763F8D1100D264623A239002A ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
00:35:04.0861 0x0d0c  HidUsb - ok
00:35:04.0891 0x0d0c  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:35:04.0895 0x0d0c  hkmsvc - ok
00:35:04.0945 0x0d0c  [ A19B0BB5A7EB6DF2DD4A0711D36955EE, 307648CAFB3DDCD76FD730CA623945ED71D4276715A38D8CBB203C157C45F691 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
00:35:04.0949 0x0d0c  HP Health Check Service - ok
00:35:04.0989 0x0d0c  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
00:35:04.0991 0x0d0c  HpCISSs - ok
00:35:05.0074 0x0d0c  [ F50F7984FDD151EDD8A70A8DBD9E2A44, 45E7ECA40298B233D124993D6C9D4FBBF05E9A843F4DE089317342B3D8A83696 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
00:35:05.0079 0x0d0c  hpqcxs08 - ok
00:35:05.0112 0x0d0c  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
00:35:05.0117 0x0d0c  hpqddsvc - ok
00:35:05.0149 0x0d0c  [ 35956140E686D53BF676CF0C778880FC, AFFE1CC956E75AF1DE87F19A58CB03C861907C48DCA03F7454EF7762DEB46F2D ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
00:35:05.0151 0x0d0c  HpqKbFiltr - ok
00:35:05.0223 0x0d0c  [ 1665C7121A026DF10C903DB9BC5E9D43, D96189406774842923BC420C4AF33FA81C83B815E14CE7C444F9CCF545971B7E ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
00:35:05.0229 0x0d0c  hpqwmiex - ok
00:35:05.0299 0x0d0c  [ CC267848CB3508E72762BE65734E764D, E7E39607A48E77544EE286EA678FC2ED8A6C20C9DCB8C901BC70140ECB2E7C2F ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
00:35:05.0329 0x0d0c  HSF_DPV - ok
00:35:05.0358 0x0d0c  [ A2882945CC4B6E3E4E9E825590438888, C0B7E695BBFFB927A3A7122BCA41B454B27F285A0A380E82CEDF87CE573A5C60 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
00:35:05.0365 0x0d0c  HSXHWAZL - ok
00:35:05.0411 0x0d0c  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:35:05.0424 0x0d0c  HTTP - ok
00:35:05.0459 0x0d0c  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
00:35:05.0461 0x0d0c  i2omp - ok
00:35:05.0485 0x0d0c  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
00:35:05.0488 0x0d0c  i8042prt - ok
00:35:05.0519 0x0d0c  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
00:35:05.0526 0x0d0c  iaStorV - ok
00:35:05.0593 0x0d0c  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
00:35:05.0600 0x0d0c  IDriverT - ok
00:35:05.0679 0x0d0c  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:35:05.0706 0x0d0c  idsvc - ok
00:35:06.0108 0x0d0c  [ 8266AE06DF974E5BA047B3E9E9E70B3F, 44E5A8EED802A1DDF3CCDB478A88A3AB3CF009F449FB11E0F94A28498342B4E2 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
00:35:06.0525 0x0d0c  igfx - ok
00:35:06.0594 0x0d0c  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
00:35:06.0596 0x0d0c  iirsp - ok
00:35:06.0657 0x0d0c  [ 9908D8A397B76CD8D31D0D383C5773C9, FFA6996BE9F11A81CB63C849C2400EB44A07706D1EEB7A3502D4110DAC3684A2 ] IKEEXT          C:\Windows\System32\ikeext.dll
00:35:06.0668 0x0d0c  IKEEXT - ok
00:35:06.0702 0x0d0c  [ C7E7E43CBD34D3B0A0156B51B917DFCC, 8F40D053D1AF89E0739D798D41F92801F95AB55CA0109386C426AB57784DD540 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
00:35:06.0707 0x0d0c  IntcHdmiAddService - ok
00:35:06.0724 0x0d0c  [ DD512A049BD7B4BCE8A83554C5EFF2C1, FBC44A9EBFCCE0EF4F6D007590158F7852340D3056298A0C1708E3AC30AB6CA9 ] intelide        C:\Windows\system32\drivers\intelide.sys
00:35:06.0726 0x0d0c  intelide - ok
00:35:06.0746 0x0d0c  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:35:06.0748 0x0d0c  intelppm - ok
00:35:06.0775 0x0d0c  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:35:06.0779 0x0d0c  IPBusEnum - ok
00:35:06.0812 0x0d0c  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:35:06.0814 0x0d0c  IpFilterDriver - ok
00:35:06.0845 0x0d0c  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:35:06.0851 0x0d0c  iphlpsvc - ok
00:35:06.0857 0x0d0c  IpInIp - ok
00:35:06.0891 0x0d0c  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
00:35:06.0894 0x0d0c  IPMIDRV - ok
00:35:06.0919 0x0d0c  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
00:35:06.0923 0x0d0c  IPNAT - ok
00:35:06.0947 0x0d0c  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:35:06.0951 0x0d0c  IRENUM - ok
00:35:06.0976 0x0d0c  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:35:06.0978 0x0d0c  isapnp - ok
00:35:07.0013 0x0d0c  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
00:35:07.0018 0x0d0c  iScsiPrt - ok
00:35:07.0041 0x0d0c  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
00:35:07.0043 0x0d0c  iteatapi - ok
00:35:07.0078 0x0d0c  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
00:35:07.0080 0x0d0c  iteraid - ok
00:35:07.0102 0x0d0c  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:35:07.0104 0x0d0c  kbdclass - ok
00:35:07.0120 0x0d0c  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
00:35:07.0122 0x0d0c  kbdhid - ok
00:35:07.0177 0x0d0c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
00:35:07.0179 0x0d0c  KeyIso - ok
00:35:07.0249 0x0d0c  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:35:07.0263 0x0d0c  KSecDD - ok
00:35:07.0300 0x0d0c  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:35:07.0309 0x0d0c  KtmRm - ok
00:35:07.0364 0x0d0c  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:35:07.0369 0x0d0c  LanmanServer - ok
00:35:07.0396 0x0d0c  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:35:07.0402 0x0d0c  LanmanWorkstation - ok
00:35:07.0444 0x0d0c  [ ABF90FC5A127F481219B873C1B8DFC1C, 465188183B2848C11743B2A6B987B307D30F636E4958E60766336479473DD121 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
00:35:07.0447 0x0d0c  LightScribeService - ok
00:35:07.0472 0x0d0c  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:35:07.0474 0x0d0c  lltdio - ok
00:35:07.0530 0x0d0c  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:35:07.0537 0x0d0c  lltdsvc - ok
00:35:07.0553 0x0d0c  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:35:07.0556 0x0d0c  lmhosts - ok
00:35:07.0597 0x0d0c  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
00:35:07.0601 0x0d0c  LSI_FC - ok
00:35:07.0621 0x0d0c  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:35:07.0625 0x0d0c  LSI_SAS - ok
00:35:07.0642 0x0d0c  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:35:07.0645 0x0d0c  LSI_SCSI - ok
00:35:07.0660 0x0d0c  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
00:35:07.0663 0x0d0c  luafv - ok
00:35:07.0742 0x0d0c  [ 2DBFB4034448FDEAD9EA8B3AC375C8EC, 841915F19F42BD8B4B8AE9B3ECF7E6A245D6ADC83EC99131C9594CD2937E0884 ] McAfee SiteAdvisor Service C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
00:35:07.0745 0x0d0c  McAfee SiteAdvisor Service - ok
00:35:07.0815 0x0d0c  [ B26A3EA976E6FD5C03C65F6E5824AD7C, CBEFC3C62E0328C347AC6A4FAF42979AC4E0E6E5EE9DEAE605B0C7E60F297696 ] McMPFSvc        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
00:35:07.0824 0x0d0c  McMPFSvc - ok
00:35:07.0843 0x0d0c  [ B26A3EA976E6FD5C03C65F6E5824AD7C, CBEFC3C62E0328C347AC6A4FAF42979AC4E0E6E5EE9DEAE605B0C7E60F297696 ] mcmscsvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:35:07.0849 0x0d0c  mcmscsvc - ok
00:35:07.0866 0x0d0c  [ B26A3EA976E6FD5C03C65F6E5824AD7C, CBEFC3C62E0328C347AC6A4FAF42979AC4E0E6E5EE9DEAE605B0C7E60F297696 ] McNaiAnn        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:35:07.0875 0x0d0c  McNaiAnn - ok
00:35:07.0894 0x0d0c  [ B26A3EA976E6FD5C03C65F6E5824AD7C, CBEFC3C62E0328C347AC6A4FAF42979AC4E0E6E5EE9DEAE605B0C7E60F297696 ] McNASvc         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:35:07.0900 0x0d0c  McNASvc - ok
00:35:07.0984 0x0d0c  [ ADA83A989D5822DAA5E2F62FDF118AC6, E17BDDF4443154D97DEFEB6031F20CC322B4582528DC80E5768BB37D104C36B0 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
00:35:07.0996 0x0d0c  McODS - ok
00:35:08.0026 0x0d0c  [ B26A3EA976E6FD5C03C65F6E5824AD7C, CBEFC3C62E0328C347AC6A4FAF42979AC4E0E6E5EE9DEAE605B0C7E60F297696 ] McProxy         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:35:08.0032 0x0d0c  McProxy - ok
00:35:08.0094 0x0d0c  [ BE02C80A9D856868BB14E4C7DB6F82BB, 98FA0D1D6CBBB1CFDAC134186916F91337CFE6E6D7D6221CAAA80C04498E56AF ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
00:35:08.0100 0x0d0c  McShield - ok
00:35:08.0134 0x0d0c  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:35:08.0138 0x0d0c  Mcx2Svc - ok
00:35:08.0160 0x0d0c  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
00:35:08.0161 0x0d0c  mdmxsdk - ok
00:35:08.0188 0x0d0c  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
00:35:08.0189 0x0d0c  megasas - ok
00:35:08.0212 0x0d0c  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
00:35:08.0224 0x0d0c  MegaSR - ok
00:35:08.0264 0x0d0c  [ 84D59A3EDDFB9438FB94F7F80D37859D, C932356D47382F4894A146DFADFD7EF53EE5680332FDEEE5DD60E46E9AD211BD ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
00:35:08.0268 0x0d0c  mfeapfk - ok
00:35:08.0315 0x0d0c  [ 67E961988312B1A28D6F93357B0BF998, D802889674C21F7A46EDE86E016A6ABC5FD70842F36DC2E2D19AADA2590E0A70 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
00:35:08.0323 0x0d0c  mfeavfk - ok
00:35:08.0360 0x0d0c  mfeavfk01 - ok
00:35:08.0387 0x0d0c  [ 19161B1796CF74A6A326ABDE309062BA, 6D770B310988E79D857CDA45FAE4D0CB588DD1CF03CA096FBB2A0BA2386D98E1 ] mfebopk         C:\Windows\system32\drivers\mfebopk.sys
00:35:08.0390 0x0d0c  mfebopk - ok
00:35:08.0448 0x0d0c  [ 3D8E909DA47E22E2B32056FD2AE66EDE, 63FD198011341ACDAD42D3E14C6DE24EEDBC2C97F78775EC139BD88737D37830 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
00:35:08.0453 0x0d0c  mfefire - ok
00:35:08.0510 0x0d0c  [ D5F89B4934960C70882924D992C6ABFC, B5FB5C00D6D03877867D5C056EBBC6F1A3F55C5611F10F21D5E5C0FEE2B632B4 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
00:35:08.0526 0x0d0c  mfefirek - ok
00:35:08.0568 0x0d0c  [ 0EFAB2B91B27543FE589DE700DE07136, 13E617DA589AB5173D385C995D6BA9558905837095609EF063F94F683391EDE0 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
00:35:08.0583 0x0d0c  mfehidk - ok
00:35:08.0615 0x0d0c  [ B4022E16569BBD1A85E68E7E78E68880, 9F07418C3C6A1663F0AD8EE04A1DC7DA13DAC8A9AA3C1A32E47747C10EA54434 ] mfenlfk         C:\Windows\system32\DRIVERS\mfenlfk.sys
00:35:08.0619 0x0d0c  mfenlfk - ok
00:35:08.0694 0x0d0c  [ C9EDA1EADA2AB6E34CD1A10C3A24AB25, 9326EB1FEE3C6DC4ED17A51726776FE505A1418F2E184E7B485FA8DA7D80A86A ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
00:35:08.0696 0x0d0c  mferkdet - ok
00:35:08.0726 0x0d0c  [ 5C1B2814EF2A6313936A111D3FD095AF, C6869FA559444A6297B4E24E1A41348DEA146BA57BF2C41FCED4A15BBB269E62 ] mfevtp          C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
00:35:08.0730 0x0d0c  mfevtp - ok
00:35:08.0771 0x0d0c  [ 183F32C79D1693170DF3BAECEC611125, BD590261ADE85C262EFCA72FB892A66997583034286A78C4E9A3E8C7D760F8E1 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
00:35:08.0780 0x0d0c  mfewfpk - ok
00:35:08.0820 0x0d0c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
00:35:08.0823 0x0d0c  MMCSS - ok
00:35:08.0844 0x0d0c  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
00:35:08.0846 0x0d0c  Modem - ok
00:35:08.0871 0x0d0c  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:35:08.0873 0x0d0c  monitor - ok
00:35:08.0889 0x0d0c  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:35:08.0896 0x0d0c  mouclass - ok
00:35:08.0923 0x0d0c  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
00:35:08.0925 0x0d0c  mouhid - ok
00:35:08.0939 0x0d0c  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
00:35:08.0941 0x0d0c  MountMgr - ok
00:35:08.0956 0x0d0c  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:35:08.0960 0x0d0c  mpio - ok
00:35:08.0977 0x0d0c  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:35:08.0982 0x0d0c  mpsdrv - ok
00:35:09.0041 0x0d0c  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:35:09.0052 0x0d0c  MpsSvc - ok
00:35:09.0091 0x0d0c  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
00:35:09.0093 0x0d0c  Mraid35x - ok
00:35:09.0135 0x0d0c  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:35:09.0140 0x0d0c  MRxDAV - ok
00:35:09.0193 0x0d0c  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:35:09.0197 0x0d0c  mrxsmb - ok
00:35:09.0262 0x0d0c  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:35:09.0270 0x0d0c  mrxsmb10 - ok
00:35:09.0293 0x0d0c  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:35:09.0297 0x0d0c  mrxsmb20 - ok
00:35:09.0343 0x0d0c  [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci          C:\Windows\system32\drivers\msahci.sys
00:35:09.0345 0x0d0c  msahci - ok
00:35:09.0372 0x0d0c  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:35:09.0376 0x0d0c  msdsm - ok
00:35:09.0402 0x0d0c  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
00:35:09.0408 0x0d0c  MSDTC - ok
00:35:09.0430 0x0d0c  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:35:09.0432 0x0d0c  Msfs - ok
00:35:09.0458 0x0d0c  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:35:09.0460 0x0d0c  msisadrv - ok
00:35:09.0501 0x0d0c  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:35:09.0506 0x0d0c  MSiSCSI - ok
00:35:09.0513 0x0d0c  msiserver - ok
00:35:09.0547 0x0d0c  [ B26A3EA976E6FD5C03C65F6E5824AD7C, CBEFC3C62E0328C347AC6A4FAF42979AC4E0E6E5EE9DEAE605B0C7E60F297696 ] MSK80Service    C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
00:35:09.0555 0x0d0c  MSK80Service - ok
00:35:09.0579 0x0d0c  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:35:09.0581 0x0d0c  MSKSSRV - ok
00:35:09.0599 0x0d0c  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:35:09.0600 0x0d0c  MSPCLOCK - ok
00:35:09.0621 0x0d0c  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:35:09.0622 0x0d0c  MSPQM - ok
00:35:09.0664 0x0d0c  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:35:09.0670 0x0d0c  MsRPC - ok
00:35:09.0705 0x0d0c  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
00:35:09.0706 0x0d0c  mssmbios - ok
00:35:09.0716 0x0d0c  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:35:09.0718 0x0d0c  MSTEE - ok
00:35:09.0753 0x0d0c  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
00:35:09.0755 0x0d0c  Mup - ok
00:35:09.0804 0x0d0c  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
00:35:09.0816 0x0d0c  napagent - ok
00:35:09.0861 0x0d0c  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:35:09.0866 0x0d0c  NativeWifiP - ok
00:35:09.0907 0x0d0c  NAVENG - ok
00:35:09.0916 0x0d0c  NAVEX15 - ok
00:35:09.0982 0x0d0c  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:35:09.0994 0x0d0c  NDIS - ok
00:35:10.0033 0x0d0c  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:35:10.0035 0x0d0c  NdisTapi - ok
00:35:10.0049 0x0d0c  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:35:10.0050 0x0d0c  Ndisuio - ok
00:35:10.0090 0x0d0c  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:35:10.0095 0x0d0c  NdisWan - ok
00:35:10.0121 0x0d0c  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:35:10.0123 0x0d0c  NDProxy - ok
00:35:10.0142 0x0d0c  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:35:10.0144 0x0d0c  NetBIOS - ok
00:35:10.0185 0x0d0c  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
00:35:10.0191 0x0d0c  netbt - ok
00:35:10.0221 0x0d0c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
00:35:10.0223 0x0d0c  Netlogon - ok
00:35:10.0261 0x0d0c  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
00:35:10.0270 0x0d0c  Netman - ok
00:35:10.0313 0x0d0c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:35:10.0321 0x0d0c  NetMsmqActivator - ok
00:35:10.0333 0x0d0c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:35:10.0337 0x0d0c  NetPipeActivator - ok
00:35:10.0365 0x0d0c  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
00:35:10.0372 0x0d0c  netprofm - ok
00:35:10.0385 0x0d0c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:35:10.0389 0x0d0c  NetTcpActivator - ok
00:35:10.0401 0x0d0c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:35:10.0405 0x0d0c  NetTcpPortSharing - ok
00:35:10.0537 0x0d0c  [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
00:35:10.0608 0x0d0c  NETw3v32 - ok
00:35:10.0788 0x0d0c  [ BA420E8EBFCAD35581FE8E4C64F71469, 187C17409598A848602079664964C0B4699F420593410571CC84E26B26DAC514 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
00:35:10.0941 0x0d0c  NETw5v32 - ok
00:35:10.0980 0x0d0c  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:35:10.0983 0x0d0c  nfrd960 - ok
00:35:11.0022 0x0d0c  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:35:11.0028 0x0d0c  NlaSvc - ok
00:35:11.0048 0x0d0c  Norton Internet Security - ok
00:35:11.0093 0x0d0c  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:35:11.0095 0x0d0c  Npfs - ok
00:35:11.0110 0x0d0c  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
00:35:11.0113 0x0d0c  nsi - ok
00:35:11.0139 0x0d0c  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:35:11.0141 0x0d0c  nsiproxy - ok
00:35:11.0235 0x0d0c  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:35:11.0271 0x0d0c  Ntfs - ok
00:35:11.0305 0x0d0c  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
00:35:11.0307 0x0d0c  ntrigdigi - ok
00:35:11.0323 0x0d0c  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
00:35:11.0324 0x0d0c  Null - ok
00:35:11.0344 0x0d0c  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:35:11.0347 0x0d0c  nvraid - ok
00:35:11.0368 0x0d0c  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:35:11.0373 0x0d0c  nvstor - ok
00:35:11.0404 0x0d0c  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:35:11.0409 0x0d0c  nv_agp - ok
00:35:11.0442 0x0d0c  [ 977ABAF16F4785A96AFDF4A0BDD3B632, 787F3CC11C2BDCE40AFD1DBDA0092B2397CDC77EAEBC6F730C199A4FD47D7873 ] NWADI           C:\Windows\system32\DRIVERS\NWADIenum.sys
00:35:11.0448 0x0d0c  NWADI - ok
00:35:11.0458 0x0d0c  NwlnkFlt - ok
00:35:11.0472 0x0d0c  NwlnkFwd - ok
00:35:11.0500 0x0d0c  [ F096072E2DAB3ED6CE1FC3591A1626ED, CCCDF027C2211D99AFA27D56D3C50FCB55286F04BE79855F7CFB73C83D840F1A ] NWRmNet_001     C:\Windows\system32\DRIVERS\NWRmNet_001.sys
00:35:11.0508 0x0d0c  NWRmNet_001 - ok
00:35:11.0535 0x0d0c  [ A880714FA83F46E3A564F50B2A4F2BD8, 66C89FFC5B769748FACC952A81D0E00854696A4F312AF6607A3C5B6269C374BF ] NWUSBModem_001  C:\Windows\system32\DRIVERS\nwusbmdm_001.sys
00:35:11.0542 0x0d0c  NWUSBModem_001 - ok
00:35:11.0567 0x0d0c  [ A880714FA83F46E3A564F50B2A4F2BD8, 66C89FFC5B769748FACC952A81D0E00854696A4F312AF6607A3C5B6269C374BF ] NWUSBPort2_001  C:\Windows\system32\DRIVERS\nwusbser2_001.sys
00:35:11.0574 0x0d0c  NWUSBPort2_001 - ok
00:35:11.0596 0x0d0c  [ A880714FA83F46E3A564F50B2A4F2BD8, 66C89FFC5B769748FACC952A81D0E00854696A4F312AF6607A3C5B6269C374BF ] NWUSBPort_001   C:\Windows\system32\DRIVERS\nwusbser_001.sys
00:35:11.0602 0x0d0c  NWUSBPort_001 - ok
00:35:11.0672 0x0d0c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:35:11.0687 0x0d0c  odserv - ok
00:35:11.0718 0x0d0c  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
00:35:11.0720 0x0d0c  ohci1394 - ok
00:35:11.0747 0x0d0c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:35:11.0752 0x0d0c  ose - ok
00:35:11.0836 0x0d0c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
00:35:11.0860 0x0d0c  p2pimsvc - ok
00:35:11.0888 0x0d0c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
00:35:11.0908 0x0d0c  p2psvc - ok
00:35:11.0949 0x0d0c  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
00:35:11.0952 0x0d0c  Parport - ok
00:35:11.0994 0x0d0c  [ 57389FA59A36D96B3EB09D0CB91E9CDC, 05A3E2B155789990517CCFDC57FC3D1E9A596E4F31D86350B8BF0C043DE5EE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:35:11.0996 0x0d0c  partmgr - ok
00:35:12.0031 0x0d0c  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
00:35:12.0032 0x0d0c  Parvdm - ok
00:35:12.0063 0x0d0c  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:35:12.0066 0x0d0c  PcaSvc - ok
00:35:12.0104 0x0d0c  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
00:35:12.0109 0x0d0c  pci - ok
00:35:12.0139 0x0d0c  [ 1D8B3D8DF8EB7FCF2F0AC02F9F947802, E50E68A105B4A2C554B9EC169D404A51566F2010BECB9452BC1B2AC1A77283B0 ] pciide          C:\Windows\system32\drivers\pciide.sys
00:35:12.0141 0x0d0c  pciide - ok
00:35:12.0170 0x0d0c  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
00:35:12.0176 0x0d0c  pcmcia - ok
00:35:12.0231 0x0d0c  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:35:12.0261 0x0d0c  PEAUTH - ok
00:35:12.0376 0x0d0c  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
00:35:12.0422 0x0d0c  pla - ok
00:35:12.0481 0x0d0c  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:35:12.0489 0x0d0c  PlugPlay - ok
00:35:12.0536 0x0d0c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
00:35:12.0553 0x0d0c  PNRPAutoReg - ok
00:35:12.0582 0x0d0c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
00:35:12.0605 0x0d0c  PNRPsvc - ok
00:35:12.0658 0x0d0c  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:35:12.0667 0x0d0c  PolicyAgent - ok
00:35:12.0704 0x0d0c  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:35:12.0707 0x0d0c  PptpMiniport - ok
00:35:12.0721 0x0d0c  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
00:35:12.0726 0x0d0c  Processor - ok
00:35:12.0775 0x0d0c  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
00:35:12.0780 0x0d0c  ProfSvc - ok
00:35:12.0799 0x0d0c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
00:35:12.0801 0x0d0c  ProtectedStorage - ok
00:35:12.0845 0x0d0c  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
00:35:12.0848 0x0d0c  PSched - ok
00:35:12.0876 0x0d0c  [ 9866479C5C894C3A064EEB6F68618822, FEBE4E72392FFD6EF3646E27FBB98F444A3A75010940CB6E257B84E99952D6D1 ] PTUMWBus        C:\Windows\system32\DRIVERS\PTUMWBus.sys
00:35:12.0878 0x0d0c  PTUMWBus - ok
00:35:12.0901 0x0d0c  [ C51EAC8FB88163304329279E82F1D89F, E13B9B057D74D4EDD8FD69904ACCC31FC4882E0B3EFF293DCE33B2C707B4CFC7 ] PTUMWCDF        C:\Windows\system32\DRIVERS\PTUMWCDF.sys
00:35:12.0904 0x0d0c  PTUMWCDF - ok
00:35:12.0934 0x0d0c  [ BDE873E80C037F170C7E71835051F0CF, FDC611E8AECBABC240B7B8BDEB368E2043304B673EF8846F23864D775BDBD3E5 ] PTUMWCSP        C:\Windows\system32\DRIVERS\PTUMWCSP.sys
00:35:12.0941 0x0d0c  PTUMWCSP - ok
00:35:12.0962 0x0d0c  [ 4F840761BB4D674856F6C36F9B66624C, F5C88F9958C8086B885A2A0F5790A19A598BDA7E351443B3AC0A7CA70A028335 ] PTUMWFLT        C:\Windows\system32\DRIVERS\PTUMWFLT.sys
00:35:12.0963 0x0d0c  PTUMWFLT - ok
00:35:13.0001 0x0d0c  [ 411E332A6426C9B87F5F9B02BCDD15BF, 524D26337D00426071DC876214403C68AB84832DE66B98344FCA9D5A160558EC ] PTUMWMdm        C:\Windows\system32\DRIVERS\PTUMWMdm.sys
00:35:13.0007 0x0d0c  PTUMWMdm - ok
00:35:13.0035 0x0d0c  [ BDC1F41F77415A432CA030F30F2AB898, 170A111CB1EFE95F1EE08D015D83ADA19213820B1AA4CCE6D435097529896532 ] PTUMWNET        C:\Windows\system32\DRIVERS\PTUMWNET.sys
00:35:13.0040 0x0d0c  PTUMWNET - ok
00:35:13.0071 0x0d0c  [ 08BE854076E8A54F3F2E59C89CDCFC96, 9EC1C452B8D172F4D342A1AE0FEF245F17D6C15079FD91FA554101FB6A9FD81E ] PTUMWNSP        C:\Windows\system32\DRIVERS\PTUMWNSP.sys
00:35:13.0080 0x0d0c  PTUMWNSP - ok
00:35:13.0122 0x0d0c  [ E4812824CDC46A90DDE225C0FD284098, B7C54AD48CEAF705B5738D360DDA318838744E4189E1592CE99A2932AB5D947D ] PTUMWVsp        C:\Windows\system32\DRIVERS\PTUMWVsp.sys
00:35:13.0128 0x0d0c  PTUMWVsp - ok
00:35:13.0197 0x0d0c  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
00:35:13.0231 0x0d0c  ql2300 - ok
00:35:13.0248 0x0d0c  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
00:35:13.0252 0x0d0c  ql40xx - ok
00:35:13.0296 0x0d0c  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
00:35:13.0306 0x0d0c  QWAVE - ok
00:35:13.0337 0x0d0c  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:35:13.0342 0x0d0c  QWAVEdrv - ok
00:35:13.0364 0x0d0c  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:35:13.0366 0x0d0c  RasAcd - ok
00:35:13.0401 0x0d0c  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
00:35:13.0407 0x0d0c  RasAuto - ok
00:35:13.0430 0x0d0c  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:35:13.0434 0x0d0c  Rasl2tp - ok
00:35:13.0492 0x0d0c  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
00:35:13.0500 0x0d0c  RasMan - ok
00:35:13.0551 0x0d0c  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:35:13.0553 0x0d0c  RasPppoe - ok
00:35:13.0603 0x0d0c  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:35:13.0607 0x0d0c  RasSstp - ok
00:35:13.0647 0x0d0c  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:35:13.0657 0x0d0c  rdbss - ok
00:35:13.0683 0x0d0c  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:35:13.0684 0x0d0c  RDPCDD - ok
00:35:13.0722 0x0d0c  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
00:35:13.0730 0x0d0c  rdpdr - ok
00:35:13.0744 0x0d0c  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:35:13.0746 0x0d0c  RDPENCDD - ok
00:35:13.0796 0x0d0c  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:35:13.0803 0x0d0c  RDPWD - ok
00:35:13.0869 0x0d0c  [ 0D362785BEF9BDF5A6E1F4628D06716D, DFB22D15BFE57988915C46EA366ECA8B47F663AFC87FD45F7BB2B1C966CCD34A ] Recovery Service for Windows C:\Program Files\SMINST\BLService.exe
00:35:13.0878 0x0d0c  Recovery Service for Windows - ok
00:35:13.0928 0x0d0c  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:35:13.0933 0x0d0c  RemoteAccess - ok
00:35:13.0973 0x0d0c  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:35:13.0979 0x0d0c  RemoteRegistry - ok
00:35:14.0035 0x0d0c  [ 805AE1F90C64758D19AAA001CF8CBA12, 28E389FD9D8106D922AAD0FF93107C4C2900565480ACD9E909D8C134E39E39A1 ] RichVideo       C:\Program Files\CyberLink\Shared files\RichVideo.exe
00:35:14.0041 0x0d0c  RichVideo - ok
00:35:14.0059 0x0d0c  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
00:35:14.0062 0x0d0c  RpcLocator - ok
00:35:14.0103 0x0d0c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
00:35:14.0117 0x0d0c  RpcSs - ok
00:35:14.0161 0x0d0c  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:35:14.0163 0x0d0c  rspndr - ok
00:35:14.0193 0x0d0c  [ 125C504A34D0A2E152517E342E7E432C, 78E8B42B80B267602336C0164EC56DDF0FC634C5E57C63998EEDA79B372A0863 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
00:35:14.0198 0x0d0c  RTL8169 - ok
00:35:14.0235 0x0d0c  [ 8DAB5975B5C7923D61506A48E251DBAD, 34C197BDBFEB676ED7C0262E27EF9190E684A47E4DBFDFA889958966406F9862 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
00:35:14.0237 0x0d0c  RTSTOR - ok
00:35:14.0265 0x0d0c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
00:35:14.0268 0x0d0c  SamSs - ok
00:35:14.0347 0x0d0c  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
00:35:14.0349 0x0d0c  SASDIFSV - ok
00:35:14.0379 0x0d0c  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
00:35:14.0382 0x0d0c  SASKUTIL - ok
00:35:14.0400 0x0d0c  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:35:14.0403 0x0d0c  sbp2port - ok
00:35:14.0444 0x0d0c  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:35:14.0450 0x0d0c  SCardSvr - ok
00:35:14.0509 0x0d0c  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
00:35:14.0525 0x0d0c  Schedule - ok
00:35:14.0572 0x0d0c  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:35:14.0574 0x0d0c  SCPolicySvc - ok
00:35:14.0602 0x0d0c  [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
00:35:14.0606 0x0d0c  sdbus - ok
00:35:14.0633 0x0d0c  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:35:14.0639 0x0d0c  SDRSVC - ok
00:35:14.0659 0x0d0c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:35:14.0661 0x0d0c  secdrv - ok
00:35:14.0673 0x0d0c  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
00:35:14.0676 0x0d0c  seclogon - ok
00:35:14.0695 0x0d0c  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
00:35:14.0699 0x0d0c  SENS - ok
00:35:14.0715 0x0d0c  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
00:35:14.0716 0x0d0c  Serenum - ok
00:35:14.0745 0x0d0c  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
00:35:14.0749 0x0d0c  Serial - ok
00:35:14.0767 0x0d0c  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
00:35:14.0769 0x0d0c  sermouse - ok
00:35:14.0821 0x0d0c  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:35:14.0826 0x0d0c  SessionEnv - ok
00:35:14.0860 0x0d0c  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
00:35:14.0862 0x0d0c  sffdisk - ok
00:35:14.0904 0x0d0c  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:35:14.0906 0x0d0c  sffp_mmc - ok
00:35:14.0923 0x0d0c  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
00:35:14.0925 0x0d0c  sffp_sd - ok
00:35:14.0943 0x0d0c  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
00:35:14.0945 0x0d0c  sfloppy - ok
00:35:15.0004 0x0d0c  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:35:15.0015 0x0d0c  SharedAccess - ok
00:35:15.0085 0x0d0c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:35:15.0093 0x0d0c  ShellHWDetection - ok
00:35:15.0129 0x0d0c  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
00:35:15.0131 0x0d0c  sisagp - ok
00:35:15.0153 0x0d0c  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
00:35:15.0155 0x0d0c  SiSRaid2 - ok
00:35:15.0180 0x0d0c  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
00:35:15.0183 0x0d0c  SiSRaid4 - ok
00:35:15.0359 0x0d0c  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
00:35:15.0439 0x0d0c  slsvc - ok
00:35:15.0485 0x0d0c  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
00:35:15.0489 0x0d0c  SLUINotify - ok
00:35:15.0516 0x0d0c  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:35:15.0519 0x0d0c  Smb - ok
00:35:15.0566 0x0d0c  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:35:15.0570 0x0d0c  SNMPTRAP - ok
00:35:15.0604 0x0d0c  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:35:15.0606 0x0d0c  spldr - ok
00:35:15.0661 0x0d0c  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
00:35:15.0666 0x0d0c  Spooler - ok
00:35:15.0679 0x0d0c  SRTSP - ok
00:35:15.0705 0x0d0c  SRTSPX - ok
00:35:15.0769 0x0d0c  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:35:15.0779 0x0d0c  srv - ok
00:35:15.0823 0x0d0c  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:35:15.0828 0x0d0c  srv2 - ok
00:35:15.0859 0x0d0c  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:35:15.0864 0x0d0c  srvnet - ok
00:35:15.0901 0x0d0c  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:35:15.0907 0x0d0c  SSDPSRV - ok
00:35:15.0928 0x0d0c  [ F87737D83B965EFA765117051E3B9D0C, 7A0A6C02C2E8B9436EE125C7F27817449F8FD0B20B937341A3525CDEAC956A01 ] ssrangdr        C:\Windows\system32\DRIVERS\ssrangdr.sys
00:35:15.0930 0x0d0c  ssrangdr - ok
00:35:15.0948 0x0d0c  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:35:15.0953 0x0d0c  SstpSvc - ok
00:35:16.0008 0x0d0c  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
00:35:16.0020 0x0d0c  stisvc - ok
00:35:16.0041 0x0d0c  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
00:35:16.0043 0x0d0c  swenum - ok
00:35:16.0079 0x0d0c  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
00:35:16.0093 0x0d0c  swprv - ok
00:35:16.0115 0x0d0c  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
00:35:16.0117 0x0d0c  Symc8xx - ok
00:35:16.0139 0x0d0c  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
00:35:16.0140 0x0d0c  Sym_hi - ok
00:35:16.0158 0x0d0c  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
00:35:16.0163 0x0d0c  Sym_u3 - ok
00:35:16.0195 0x0d0c  [ 00B19F27858F56181EDB58B71A7C67A0, 50810EAD2234F61310A234DC20B7306E6E809CFFE72F7C71FDE89D4068A29853 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
00:35:16.0202 0x0d0c  SynTP - ok
00:35:16.0260 0x0d0c  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
00:35:16.0279 0x0d0c  SysMain - ok
00:35:16.0317 0x0d0c  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:35:16.0321 0x0d0c  TabletInputService - ok
00:35:16.0378 0x0d0c  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:35:16.0386 0x0d0c  TapiSrv - ok
00:35:16.0419 0x0d0c  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
00:35:16.0423 0x0d0c  TBS - ok
00:35:16.0508 0x0d0c  [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:35:16.0542 0x0d0c  Tcpip - ok
00:35:16.0583 0x0d0c  [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
00:35:16.0603 0x0d0c  Tcpip6 - ok
00:35:16.0649 0x0d0c  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:35:16.0651 0x0d0c  tcpipreg - ok
00:35:16.0676 0x0d0c  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:35:16.0681 0x0d0c  TDPIPE - ok
00:35:16.0706 0x0d0c  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:35:16.0709 0x0d0c  TDTCP - ok
00:35:16.0748 0x0d0c  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:35:16.0754 0x0d0c  tdx - ok
00:35:16.0776 0x0d0c  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
00:35:16.0781 0x0d0c  TermDD - ok
00:35:16.0837 0x0d0c  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
00:35:16.0849 0x0d0c  TermService - ok
00:35:16.0885 0x0d0c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
00:35:16.0895 0x0d0c  Themes - ok
00:35:16.0917 0x0d0c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
00:35:16.0921 0x0d0c  THREADORDER - ok
00:35:16.0948 0x0d0c  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
00:35:16.0953 0x0d0c  TrkWks - ok
00:35:17.0010 0x0d0c  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:35:17.0012 0x0d0c  TrustedInstaller - ok
00:35:17.0072 0x0d0c  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:35:17.0074 0x0d0c  tssecsrv - ok
00:35:17.0104 0x0d0c  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
00:35:17.0106 0x0d0c  tunmp - ok
00:35:17.0134 0x0d0c  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:35:17.0136 0x0d0c  tunnel - ok
00:35:17.0221 0x0d0c  [ 711561440FDC396CB6E4C69C13375A38, 42489100F9E0CCED6CC3C7A6CCE6FDF4EF31A773D7D39A24F06DB2DCBAAA1E87 ] tvnserver       C:\Program Files\ShowMyPCService\tvnserver.exe
00:35:17.0240 0x0d0c  tvnserver - ok
00:35:17.0279 0x0d0c  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
00:35:17.0282 0x0d0c  uagp35 - ok
00:35:17.0327 0x0d0c  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:35:17.0335 0x0d0c  udfs - ok
00:35:17.0388 0x0d0c  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:35:17.0392 0x0d0c  UI0Detect - ok
00:35:17.0424 0x0d0c  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:35:17.0426 0x0d0c  uliagpkx - ok
00:35:17.0461 0x0d0c  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
00:35:17.0468 0x0d0c  uliahci - ok
00:35:17.0485 0x0d0c  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
00:35:17.0491 0x0d0c  UlSata - ok
00:35:17.0515 0x0d0c  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
00:35:17.0519 0x0d0c  ulsata2 - ok
00:35:17.0544 0x0d0c  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
00:35:17.0548 0x0d0c  umbus - ok
00:35:17.0595 0x0d0c  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
00:35:17.0604 0x0d0c  upnphost - ok
00:35:17.0647 0x0d0c  [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:35:17.0650 0x0d0c  usbccgp - ok
00:35:17.0681 0x0d0c  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:35:17.0684 0x0d0c  usbcir - ok
00:35:17.0726 0x0d0c  [ 79E96C23A97CE7B8F14D310DA2DB0C9B, EB441D3B93965CD927E0C181031AD1082F59F9885BF35CABFDCA08C6C76B0DAF ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
00:35:17.0728 0x0d0c  usbehci - ok
00:35:17.0770 0x0d0c  [ 4673BBCB006AF60E7ABDDBE7A130BA42, 0B7DED0D887A3530AA5497FDBCB69389486FB9E2B6FAE3163E33713256D575BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:35:17.0776 0x0d0c  usbhub - ok
00:35:17.0801 0x0d0c  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
00:35:17.0803 0x0d0c  usbohci - ok
00:35:17.0851 0x0d0c  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
00:35:17.0855 0x0d0c  usbprint - ok
00:35:17.0895 0x0d0c  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:35:17.0897 0x0d0c  USBSTOR - ok
00:35:17.0929 0x0d0c  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
00:35:17.0931 0x0d0c  usbuhci - ok
00:35:17.0966 0x0d0c  [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
00:35:17.0971 0x0d0c  usbvideo - ok
00:35:18.0011 0x0d0c  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
00:35:18.0014 0x0d0c  UxSms - ok
00:35:18.0064 0x0d0c  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
00:35:18.0078 0x0d0c  vds - ok
00:35:18.0106 0x0d0c  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:35:18.0108 0x0d0c  vga - ok
00:35:18.0128 0x0d0c  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:35:18.0130 0x0d0c  VgaSave - ok
00:35:18.0149 0x0d0c  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
00:35:18.0152 0x0d0c  viaagp - ok
00:35:18.0184 0x0d0c  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
00:35:18.0186 0x0d0c  ViaC7 - ok
00:35:18.0202 0x0d0c  [ EA1AA6E3ABB3C194FEBA12A46DE8CF2C, 5D395C20D9121EA3970980703D8692380B4D8CFDAAC4FA8A2B352209F49318B7 ] viaide          C:\Windows\system32\drivers\viaide.sys
00:35:18.0204 0x0d0c  viaide - ok
00:35:18.0228 0x0d0c  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:35:18.0231 0x0d0c  volmgr - ok
00:35:18.0272 0x0d0c  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:35:18.0281 0x0d0c  volmgrx - ok
00:35:18.0317 0x0d0c  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:35:18.0324 0x0d0c  volsnap - ok
00:35:18.0363 0x0d0c  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
00:35:18.0368 0x0d0c  vsmraid - ok
00:35:18.0449 0x0d0c  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
00:35:18.0483 0x0d0c  VSS - ok
00:35:18.0538 0x0d0c  [ 05D348A272AF77AD77F74F5EEF85ABBE, E43968235E84DA38D48384362D858AC1E66D4A70417625572AF462B5DC4E3D0A ] VZWConfigService C:\Program Files\Novatel Wireless\Verizon\Drivers\VZWMSConfig.exe
00:35:18.0542 0x0d0c  VZWConfigService - ok
00:35:18.0591 0x0d0c  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
00:35:18.0600 0x0d0c  W32Time - ok
00:35:18.0644 0x0d0c  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
00:35:18.0646 0x0d0c  WacomPen - ok
00:35:18.0669 0x0d0c  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
00:35:18.0672 0x0d0c  Wanarp - ok
00:35:18.0686 0x0d0c  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:35:18.0688 0x0d0c  Wanarpv6 - ok
00:35:18.0749 0x0d0c  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:35:18.0765 0x0d0c  wcncsvc - ok
00:35:18.0803 0x0d0c  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:35:18.0808 0x0d0c  WcsPlugInService - ok
00:35:18.0861 0x0d0c  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
00:35:18.0865 0x0d0c  Wd - ok
00:35:18.0933 0x0d0c  [ A840213F1ACDCC175B4D1D5AAEAC0D7A, B20F7CAEEA790290072BC170EBEEADB4C19E1C40DB0B3FE0D4A640D0D82300D6 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:35:18.0949 0x0d0c  Wdf01000 - ok
00:35:18.0984 0x0d0c  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:35:18.0988 0x0d0c  WdiServiceHost - ok
00:35:19.0011 0x0d0c  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:35:19.0018 0x0d0c  WdiSystemHost - ok
00:35:19.0064 0x0d0c  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
00:35:19.0073 0x0d0c  WebClient - ok
00:35:19.0122 0x0d0c  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:35:19.0129 0x0d0c  Wecsvc - ok
00:35:19.0154 0x0d0c  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:35:19.0158 0x0d0c  wercplsupport - ok
00:35:19.0204 0x0d0c  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:35:19.0210 0x0d0c  WerSvc - ok
00:35:19.0272 0x0d0c  [ 0ACD399F5DB3DF1B58903CF4949AB5A8, F8FA0A8F631AA8F34A0506F1E5E09DFB6CDA1E9E92207A73A74F1A0E7768C49A ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
00:35:19.0293 0x0d0c  winachsf - ok
00:35:19.0340 0x0d0c  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
00:35:19.0349 0x0d0c  WinDefend - ok
00:35:19.0372 0x0d0c  WinHttpAutoProxySvc - ok
00:35:19.0423 0x0d0c  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:35:19.0427 0x0d0c  Winmgmt - ok
00:35:19.0508 0x0d0c  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
00:35:19.0546 0x0d0c  WinRM - ok
00:35:19.0631 0x0d0c  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:35:19.0645 0x0d0c  Wlansvc - ok
00:35:19.0680 0x0d0c  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
00:35:19.0682 0x0d0c  WmiAcpi - ok
00:35:19.0732 0x0d0c  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:35:19.0740 0x0d0c  wmiApSrv - ok
00:35:19.0813 0x0d0c  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
00:35:19.0841 0x0d0c  WMPNetworkSvc - ok
00:35:19.0893 0x0d0c  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:35:19.0900 0x0d0c  WPCSvc - ok
00:35:19.0962 0x0d0c  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:35:19.0967 0x0d0c  WPDBusEnum - ok
00:35:20.0065 0x0d0c  [ B800EEC15851597405784126C407188C, 78FE6A9CBFC2C10DB88D5D8616DBFD848849630907906D06199C14DC4F6C152D ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:35:20.0089 0x0d0c  WPFFontCache_v0400 - ok
00:35:20.0129 0x0d0c  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:35:20.0130 0x0d0c  ws2ifsl - ok
00:35:20.0169 0x0d0c  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
00:35:20.0173 0x0d0c  wscsvc - ok
00:35:20.0187 0x0d0c  WSearch - ok
00:35:20.0307 0x0d0c  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:35:20.0362 0x0d0c  wuauserv - ok
00:35:20.0447 0x0d0c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:35:20.0451 0x0d0c  WudfPf - ok
00:35:20.0489 0x0d0c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:35:20.0495 0x0d0c  WUDFRd - ok
00:35:20.0521 0x0d0c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:35:20.0526 0x0d0c  wudfsvc - ok
00:35:20.0563 0x0d0c  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
00:35:20.0564 0x0d0c  XAudio - ok
00:35:20.0600 0x0d0c  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
00:35:20.0609 0x0d0c  XAudioService - ok
00:35:20.0681 0x0d0c  [ 24FB8DB6D1D55E2C5D0A53DFE48E6AF8, 967B7FA83171485DA1EEF51DB2A21FD17DFB4846E1F700C83E516BD40A542DCA ] Yontoo Desktop Updater C:\Program Files\Yontoo\Y2Desktop.Updater.exe
00:35:20.0682 0x0d0c  Yontoo Desktop Updater - ok
00:35:20.0717 0x0d0c  [ 7D1F3B131D503EF43EE594B5A2B9B427, 307DEC572FBC171D68ED098D73CB6F06754F26E51F8F7DB48035A8CF97AB37D0 ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
00:35:20.0723 0x0d0c  yukonwlh - ok
00:35:20.0791 0x0d0c  ================ Scan global ===============================
00:35:20.0846 0x0d0c  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
00:35:20.0897 0x0d0c  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
00:35:20.0925 0x0d0c  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
00:35:20.0974 0x0d0c  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
00:35:20.0982 0x0d0c  [ Global ] - ok
00:35:20.0982 0x0d0c  ================ Scan MBR ==================================
00:35:20.0996 0x0d0c  [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
00:35:21.0324 0x0d0c  \Device\Harddisk0\DR0 - ok
00:35:21.0327 0x0d0c  ================ Scan VBR ==================================
00:35:21.0345 0x0d0c  [ 6BFA14D23CEA50F3EC57851D16B87537 ] \Device\Harddisk0\DR0\Partition1
00:35:21.0346 0x0d0c  \Device\Harddisk0\DR0\Partition1 - ok
00:35:21.0384 0x0d0c  [ 21F462810DE2B3295B0341E14FE4330A ] \Device\Harddisk0\DR0\Partition2
00:35:21.0386 0x0d0c  \Device\Harddisk0\DR0\Partition2 - ok
00:35:21.0389 0x0d0c  Waiting for KSN requests completion. In queue: 327
00:35:22.0389 0x0d0c  Waiting for KSN requests completion. In queue: 327
00:35:23.0389 0x0d0c  Waiting for KSN requests completion. In queue: 327
00:35:24.0402 0x0d0c  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 10.5.0.0 ), 0x51000 ( enabled : updated )
00:35:24.0407 0x0d0c  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 10.5.0.0 ), 0x51010 ( enabled )
00:35:31.0177 0x0d0c  ============================================================
00:35:31.0177 0x0d0c  Scan finished
00:35:31.0177 0x0d0c  ============================================================
00:35:31.0187 0x15c8  Detected object count: 0
00:35:31.0187 0x15c8  Actual detected object count: 0
00:35:35.0344 0x0864  Deinitialize success
 
 
 
 
# AdwCleaner v3.006 - Report created 01/10/2013 at 00:44:53
# Updated 01/10/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PTNDJ82X\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : Yontoo Desktop Updater
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\Program Files\InfoAtoms
Folder Deleted : C:\Program Files\MyPC Backup 
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\tuguu sl
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Windows\system32\ARFC
Folder Deleted : C:\Windows\system32\jmdp
Folder Deleted : C:\Windows\system32\WNLT
Folder Deleted : C:\Users\Owner\AppData\Local\Conduit
Folder Deleted : C:\Users\Owner\AppData\Local\Supreme Savings
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Owner\AppData\LocalLow\iac
Folder Deleted : C:\Users\Owner\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Owner\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Owner\AppData\Roaming\SpeedanAlysis
Folder Deleted : C:\Users\Owner\AppData\Roaming\Yontoo
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\infoatoms@infoatoms.com
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\system32\ImhxxpComm.dll
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [infoatoms@infoatoms.com]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [pluswinks@PlusWinks]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [pluswinks@PlusWinks]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis@SpeedAnalysis.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis@SpeedAnalysis.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKCU\Software\595288d1e738ef40
Key Deleted : HKLM\SOFTWARE\595288d1e738ef40
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3239904
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3287768
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\wnlt
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\Supreme Savings
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKLM\Software\wnlt
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtoms
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16506
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
 
-\\ Google Chrome v29.0.1547.76
 
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
 
*************************
 
AdwCleaner[R0].txt - [10180 octets] - [01/10/2013 00:35:57]
AdwCleaner[S0].txt - [9957 octets] - [01/10/2013 00:44:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10017 octets] ##########
 


#6 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 02 October 2013 - 06:08 AM

ESET results:

 

 

C:\AdwCleaner\Quarantine\C\Program Files\DomaIQ Uninstaller\DomaIQUninstall.exe.vir probably a variant of MSIL/DomaIQ.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooLayers.crx.vir JS/Adware.Yontoo.B application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js.vir JS/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\system32\ARFC\wrtc.exe.vir a variant of Win32/Toolbar.Perion.G application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\system32\jmdp\SweetNT.crx.vir Win32/SweetIM.E application deleted - quarantined
C:\Program Files\FriendsChecker\Chrome\common.crx Win32/ExFriendAlert.A application deleted - quarantined
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.5.54248_0\plugin\gc_getcid.dll Win32/ExFriendAlert.A application cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\DM\seFtNGJNVPgsJ7v\software\FlashPlayer.exe Win32/DomaIQ.M application cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\DM\seFtNGJNVPgsJ7v\software\speedupmypc.exe multiple threats cleaned by deleting - quarantined
C:\Users\Owner\AppData\Local\Temp\nsa1640.tmp\ConduitMsTimestamp.dll Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
C:\Users\Owner\Downloads\AA_v3 (1).exe a variant of Win32/RemoteAdmin.Ammyy.B application cleaned by deleting - quarantined
C:\Users\Owner\Downloads\AA_v3 (2).exe a variant of Win32/RemoteAdmin.Ammyy.B application cleaned by deleting - quarantined
C:\Users\Owner\Downloads\AA_v3 (3).exe a variant of Win32/RemoteAdmin.Ammyy.B application cleaned by deleting - quarantined
C:\Users\Owner\Downloads\AA_v3 (4).exe a variant of Win32/RemoteAdmin.Ammyy.B application cleaned by deleting - quarantined
C:\Users\Owner\Downloads\AA_v3 (5).exe a variant of Win32/RemoteAdmin.Ammyy.B application cleaned by deleting - quarantined
C:\Users\Owner\Downloads\AA_v3.exe a variant of Win32/RemoteAdmin.Ammyy.B application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\54NZC4DW\update[1] multiple threats cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7A16JNN\update[1] multiple threats cleaned by deleting - quarantined
C:\Windows\Temp\INJ001\ExtensionUpdate.exe multiple threats cleaned by deleting - quarantined
C:\Windows\Temp\INJ002\ExtensionUpdate.exe multiple threats cleaned by deleting - quarantined


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:07 PM

Posted 02 October 2013 - 09:28 AM

Looking good. Reboot after ESET scan.

These need to be removed and updated.

Adobe Reader 9 (Version: 9.0.0)
Java 7 Update 21 (Version: 7.0.210)
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 02 October 2013 - 09:16 PM

Done, anything else?



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:07 PM

Posted 02 October 2013 - 09:45 PM

Finally Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup
  • to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically. Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7
  • ◾Reboot and see how it is.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 03 October 2013 - 07:56 AM

Done and it's running pretty good at this point.  Think it's all set?



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:07 PM

Posted 03 October 2013 - 08:28 PM

You're good to go!


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 03 October 2013 - 08:30 PM

Thanks for all of your help!!


Is there anywhere I can go to learn how to use some of the tools that you offer on your site?  Like MiniToolbox for a specific example.



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:07 PM

Posted 03 October 2013 - 08:49 PM

You're welcome.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users