Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Sendori hijacking my search bar


  • Please log in to reply
18 replies to this topic

#1 xingxang

xingxang

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 30 December 2013 - 10:33 PM

Hello.  My wife tried to download and install some software without my help and ended up getting infected (I think) with various programs- Optimizer Pro, Search Smart, and Spring Start among them. 

I ran MalwareBytes (free version) to try to clean up the problems, and it seemed to remove the aforementioned programs, but now when I try to use the google search bar in my browser (Firefox 26.0), I get redirected to sendori.com 

 

So I think I may be in over my head, and before trying anything else on my own I thought I'd seek professional help, so here I am.

 

Any help would be greatly appreciated.

 

Here is the start of the malwarebytes log (i can post the whole thing if you want):

 

www.malwarebytes.org

Database version: v2013.12.30.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:55 AM

Posted 31 December 2013 - 12:09 AM

Hello xingxang

Do this next.. Run Rkill and Rerun Malwarebytes, post both logs

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
Run MBAM


Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 xingxang

xingxang
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 01 January 2014 - 03:14 PM

RKill log:

 

Rkill 2.6.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/01/2014 03:10:38 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Christopher\AppData\Roaming\Google\Google Talk\googletalk.exe (PID: 4552) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Christopher\Desktop\rkill\rkill-01-01-2014-03-10-46.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 01/01/2014 03:13:33 PM
Execution time: 0 hours(s), 2 minute(s), and 55 seconds(s)
 



#4 xingxang

xingxang
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 01 January 2014 - 03:29 PM

(Happy New Year, by the way)

 

MBAM Log:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.01.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Christopher :: LENOVOY550 [administrator]

Protection: Enabled

1/1/2014 3:16:59 PM
mbam-log-2014-01-01 (15-16-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 299230
Time elapsed: 10 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 



#5 xingxang

xingxang
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 01 January 2014 - 03:37 PM

TDSSKiller log:

 

15:34:24.0620 0x20f8  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
15:34:52.0482 0x20f8  ============================================================
15:34:52.0482 0x20f8  Current date / time: 2014/01/01 15:34:52.0482
15:34:52.0482 0x20f8  SystemInfo:
15:34:52.0482 0x20f8  
15:34:52.0482 0x20f8  OS Version: 6.1.7601 ServicePack: 1.0
15:34:52.0482 0x20f8  Product type: Workstation
15:34:52.0482 0x20f8  ComputerName: LENOVOY550
15:34:52.0482 0x20f8  UserName: Christopher
15:34:52.0482 0x20f8  Windows directory: C:\windows
15:34:52.0482 0x20f8  System windows directory: C:\windows
15:34:52.0482 0x20f8  Running under WOW64
15:34:52.0482 0x20f8  Processor architecture: Intel x64
15:34:52.0482 0x20f8  Number of processors: 2
15:34:52.0482 0x20f8  Page size: 0x1000
15:34:52.0482 0x20f8  Boot type: Normal boot
15:34:52.0482 0x20f8  ============================================================
15:34:52.0622 0x20f8  KLMD registered as C:\windows\system32\drivers\30499106.sys
15:34:52.0809 0x20f8  System UUID: {565BD69A-FE81-80D4-A4B4-B1D862C30E9C}
15:34:53.0543 0x20f8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:34:53.0543 0x20f8  ============================================================
15:34:53.0543 0x20f8  \Device\Harddisk0\DR0:
15:34:53.0543 0x20f8  MBR partitions:
15:34:53.0543 0x20f8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
15:34:53.0543 0x20f8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34920980
15:34:53.0574 0x20f8  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34985980, BlocksNum 0x3C7E000
15:34:53.0574 0x20f8  ============================================================
15:34:53.0605 0x20f8  C: <-> \Device\Harddisk0\DR0\Partition2
15:34:53.0636 0x20f8  D: <-> \Device\Harddisk0\DR0\Partition3
15:34:53.0636 0x20f8  ============================================================
15:34:53.0636 0x20f8  Initialize success
15:34:53.0636 0x20f8  ============================================================
15:34:57.0848 0x0b0c  ============================================================
15:34:57.0848 0x0b0c  Scan started
15:34:57.0848 0x0b0c  Mode: Manual;
15:34:57.0848 0x0b0c  ============================================================
15:34:57.0848 0x0b0c  KSN ping started
15:35:00.0781 0x0b0c  KSN ping finished: true
15:35:01.0046 0x0b0c  ================ Scan system memory ========================
15:35:01.0046 0x0b0c  System memory - ok
15:35:01.0046 0x0b0c  ================ Scan services =============================
15:35:01.0202 0x0b0c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
15:35:01.0202 0x0b0c  1394ohci - ok
15:35:01.0265 0x0b0c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
15:35:01.0280 0x0b0c  ACPI - ok
15:35:01.0343 0x0b0c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
15:35:01.0343 0x0b0c  AcpiPmi - ok
15:35:01.0374 0x0b0c  [ 2E68544BCE94DE6677F700CF1D582B6D, D2DF57D25582B86AF1AFD50C80DCCB1E3B33F2844906EC427121A159C60316AF ] ACPIVPC         C:\windows\system32\DRIVERS\AcpiVpc.sys
15:35:01.0374 0x0b0c  ACPIVPC - ok
15:35:01.0499 0x0b0c  [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:35:01.0499 0x0b0c  AdobeARMservice - ok
15:35:01.0639 0x0b0c  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:35:01.0639 0x0b0c  AdobeFlashPlayerUpdateSvc - ok
15:35:01.0717 0x0b0c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
15:35:01.0748 0x0b0c  adp94xx - ok
15:35:01.0795 0x0b0c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
15:35:01.0826 0x0b0c  adpahci - ok
15:35:01.0873 0x0b0c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
15:35:01.0873 0x0b0c  adpu320 - ok
15:35:01.0920 0x0b0c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
15:35:01.0935 0x0b0c  AeLookupSvc - ok
15:35:02.0013 0x0b0c  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\windows\system32\drivers\afd.sys
15:35:02.0029 0x0b0c  AFD - ok
15:35:02.0076 0x0b0c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
15:35:02.0076 0x0b0c  agp440 - ok
15:35:02.0091 0x0b0c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
15:35:02.0091 0x0b0c  ALG - ok
15:35:02.0138 0x0b0c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
15:35:02.0138 0x0b0c  aliide - ok
15:35:02.0185 0x0b0c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
15:35:02.0185 0x0b0c  amdide - ok
15:35:02.0216 0x0b0c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
15:35:02.0216 0x0b0c  AmdK8 - ok
15:35:02.0247 0x0b0c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
15:35:02.0247 0x0b0c  AmdPPM - ok
15:35:02.0294 0x0b0c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
15:35:02.0310 0x0b0c  amdsata - ok
15:35:02.0357 0x0b0c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
15:35:02.0357 0x0b0c  amdsbs - ok
15:35:02.0372 0x0b0c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
15:35:02.0372 0x0b0c  amdxata - ok
15:35:02.0435 0x0b0c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys
15:35:02.0435 0x0b0c  AppID - ok
15:35:02.0450 0x0b0c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll
15:35:02.0450 0x0b0c  AppIDSvc - ok
15:35:02.0528 0x0b0c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
15:35:02.0528 0x0b0c  Appinfo - ok
15:35:02.0622 0x0b0c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:35:02.0622 0x0b0c  Apple Mobile Device - ok
15:35:02.0700 0x0b0c  [ F522D5FFE47200FED198873969FEAB7E, D2B32B868CD65364E41B1CD6BB90C2776D15672E9B5F1D335A54996EE564DAFD ] Application Sendori C:\Program Files (x86)\Sendori\SendoriSvc.exe
15:35:02.0700 0x0b0c  Application Sendori - ok
15:35:02.0747 0x0b0c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\DRIVERS\arc.sys
15:35:02.0747 0x0b0c  arc - ok
15:35:02.0762 0x0b0c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
15:35:02.0778 0x0b0c  arcsas - ok
15:35:02.0793 0x0b0c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
15:35:02.0793 0x0b0c  AsyncMac - ok
15:35:02.0840 0x0b0c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
15:35:02.0856 0x0b0c  atapi - ok
15:35:02.0903 0x0b0c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:35:02.0949 0x0b0c  AudioEndpointBuilder - ok
15:35:02.0981 0x0b0c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll
15:35:02.0996 0x0b0c  AudioSrv - ok
15:35:03.0090 0x0b0c  [ 27CA53E91543B800E16129BCEC3247AD, D13DAF369EDEC383377A7FCE4AA997F8EA6740D18819BBEBAEC0C09C41F700B8 ] Avgdiska        C:\windows\system32\DRIVERS\avgdiska.sys
15:35:03.0090 0x0b0c  Avgdiska - ok
15:35:03.0293 0x0b0c  [ F89B2DACE0FBE54CF65D12B7081C19C3, 64BBA5A29948ABFADB8865CE0D7D0259AB291B8DA04786AB351055D57B49D439 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
15:35:03.0449 0x0b0c  AVGIDSAgent - ok
15:35:03.0573 0x0b0c  [ 57250DDDE2523115D0927DBBA745F9FA, 0560733DBECC074016532ABCF2B2428DBA689A9B930993E7544A2D50B0DCAFA9 ] AVGIDSDriver    C:\windows\system32\DRIVERS\avgidsdrivera.sys
15:35:03.0589 0x0b0c  AVGIDSDriver - ok
15:35:03.0651 0x0b0c  [ 19AD820FC44AA71EDD1BC70B6E3F36B0, 997CA09273476881E4F824803B769BF3B67CC5ADAE8B99EBBD7A72C2205C3153 ] AVGIDSHA        C:\windows\system32\DRIVERS\avgidsha.sys
15:35:03.0651 0x0b0c  AVGIDSHA - ok
15:35:03.0714 0x0b0c  [ 4BE8BB177B4C2BC3564845EF6D1073F1, 4ACA54EA54F5ABA96A73BD83C0C5A83C37090FEB7CBE67AE94E9CD3E364931C8 ] Avgldx64        C:\windows\system32\DRIVERS\avgldx64.sys
15:35:03.0714 0x0b0c  Avgldx64 - ok
15:35:03.0761 0x0b0c  [ D3772CC086FB81F76B5A82C85E1C7C8E, B1BEFD7AC658F28AECEF5468F5815504BDDC8A4203207B6F0CA53C5B216F782D ] Avgloga         C:\windows\system32\DRIVERS\avgloga.sys
15:35:03.0776 0x0b0c  Avgloga - ok
15:35:03.0823 0x0b0c  [ A0BCE5DC2C1F1EE5C1CA19A33375AC23, 517663AEDD7A45607E17910DE60B2847E521472F9C0AB56034617BE2F351DE8D ] Avgmfx64        C:\windows\system32\DRIVERS\avgmfx64.sys
15:35:03.0823 0x0b0c  Avgmfx64 - ok
15:35:03.0854 0x0b0c  [ 12FAAF366975B2BF2E93F1866C0E480D, 559480A1434E6805CF4F3DB5352E98387053194BB7B0DB18099B53D306D9951D ] Avgrkx64        C:\windows\system32\DRIVERS\avgrkx64.sys
15:35:03.0854 0x0b0c  Avgrkx64 - ok
15:35:03.0917 0x0b0c  [ 4E364FABBD147F59E5D524C9EA86D772, 5D2B1E35EDBF68C23C5BF38B8B7AC484E3430219E0072C4831F58A9E8386A5FD ] Avgtdia         C:\windows\system32\DRIVERS\avgtdia.sys
15:35:03.0932 0x0b0c  Avgtdia - ok
15:35:03.0995 0x0b0c  [ A1F53D2A00E64679A1D81B61D2333D06, 41D4F252693A2382A1C1FB85A49DF5AAB5B21620DC09A0E1A7F66A437E3A0B3B ] avgtp           C:\windows\system32\drivers\avgtpx64.sys
15:35:03.0995 0x0b0c  avgtp - ok
15:35:04.0041 0x0b0c  [ B747B6BB015E552F49C634BB19540F3D, 5000AD41BD101BC06D595484B6E58DEEBB962939ACF4B24DE515771D1C4AE3ED ] avgwd           C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
15:35:04.0088 0x0b0c  avgwd - ok
15:35:04.0135 0x0b0c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
15:35:04.0135 0x0b0c  AxInstSV - ok
15:35:04.0182 0x0b0c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
15:35:04.0197 0x0b0c  b06bdrv - ok
15:35:04.0244 0x0b0c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
15:35:04.0275 0x0b0c  b57nd60a - ok
15:35:04.0400 0x0b0c  [ 369C1928C9BBED65C9E347448BD376B0, FFADEEBD2A24EB2C362958FAE467F7B319D9AE1EE9B5724CDB6B70FBE31E6EE8 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
15:35:04.0431 0x0b0c  BBSvc - ok
15:35:04.0463 0x0b0c  [ 54949AFAC5CE6FA2E4D7846D4362BAB3, 1C7025FF250023991BB719C5E03C9F9EB861E08F3B11DFB2AFDC83A81F6A39DD ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
15:35:04.0478 0x0b0c  BBUpdate - ok
15:35:04.0541 0x0b0c  [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
15:35:04.0541 0x0b0c  BcmSqlStartupSvc - ok
15:35:04.0572 0x0b0c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
15:35:04.0572 0x0b0c  BDESVC - ok
15:35:04.0603 0x0b0c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
15:35:04.0603 0x0b0c  Beep - ok
15:35:04.0681 0x0b0c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
15:35:04.0728 0x0b0c  BFE - ok
15:35:04.0790 0x0b0c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
15:35:04.0853 0x0b0c  BITS - ok
15:35:04.0899 0x0b0c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
15:35:04.0899 0x0b0c  blbdrive - ok
15:35:05.0009 0x0b0c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:35:05.0024 0x0b0c  Bonjour Service - ok
15:35:05.0087 0x0b0c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
15:35:05.0087 0x0b0c  bowser - ok
15:35:05.0118 0x0b0c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
15:35:05.0118 0x0b0c  BrFiltLo - ok
15:35:05.0133 0x0b0c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
15:35:05.0133 0x0b0c  BrFiltUp - ok
15:35:05.0180 0x0b0c  [ 34F786535F9245E4028C57B28248C9D8, 95CB2B765BF4388A9204A8A974DCFF431CBC26E7274937386720514FF23871CB ] Bridge0         C:\windows\system32\drivers\WDBridge.sys
15:35:05.0180 0x0b0c  Bridge0 - ok
15:35:05.0227 0x0b0c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
15:35:05.0227 0x0b0c  Browser - ok
15:35:05.0289 0x0b0c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
15:35:05.0305 0x0b0c  Brserid - ok
15:35:05.0352 0x0b0c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
15:35:05.0352 0x0b0c  BrSerWdm - ok
15:35:05.0383 0x0b0c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
15:35:05.0383 0x0b0c  BrUsbMdm - ok
15:35:05.0383 0x0b0c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
15:35:05.0383 0x0b0c  BrUsbSer - ok
15:35:05.0445 0x0b0c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
15:35:05.0445 0x0b0c  BthEnum - ok
15:35:05.0477 0x0b0c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
15:35:05.0477 0x0b0c  BTHMODEM - ok
15:35:05.0492 0x0b0c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
15:35:05.0492 0x0b0c  BthPan - ok
15:35:05.0555 0x0b0c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
15:35:05.0586 0x0b0c  BTHPORT - ok
15:35:05.0617 0x0b0c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
15:35:05.0617 0x0b0c  bthserv - ok
15:35:05.0648 0x0b0c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
15:35:05.0648 0x0b0c  BTHUSB - ok
15:35:05.0695 0x0b0c  [ 2641A3FE3D7B0646308F33B67F3B5300, 8D2E37F6524D10197D36AAE41F59028B3DF0692A113EA342BB1AC36DEA13D8F6 ] btusbflt        C:\windows\system32\drivers\btusbflt.sys
15:35:05.0695 0x0b0c  btusbflt - ok
15:35:05.0742 0x0b0c  [ 6BCFDC2B5B7F66D484486D4BD4B39A6B, 2A2039DD524E989EA91B7C91D5F295C663D1E27ABD64777D2F3137EB1C42C258 ] btwaudio        C:\windows\system32\drivers\btwaudio.sys
15:35:05.0742 0x0b0c  btwaudio - ok
15:35:05.0789 0x0b0c  [ 82DC8B7C626E526681C1BEBED2BC3FF9, 58260E88CDD7388ABA563F9B8F2F3FA17022DB9E4C56EBA0761E99B919A8EAF8 ] btwavdt         C:\windows\system32\DRIVERS\btwavdt.sys
15:35:05.0804 0x0b0c  btwavdt - ok
15:35:05.0898 0x0b0c  [ D65AA164ACD0F6706DBCFBBCC9731584, BC6E421E75CFF765D9152A8BAA847122DA1CA85A7CFDC8BE2082AD6CF1A2C7A9 ] btwdins         C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
15:35:05.0945 0x0b0c  btwdins - ok
15:35:06.0007 0x0b0c  [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap        C:\windows\system32\DRIVERS\btwl2cap.sys
15:35:06.0007 0x0b0c  btwl2cap - ok
15:35:06.0038 0x0b0c  [ 28E105AD3B79F440BF94780F507BF66A, EF4E6CCAB16765E2C88666625C13CB3299B668159A94CB201E3B44701A30640A ] btwrchid        C:\windows\system32\DRIVERS\btwrchid.sys
15:35:06.0038 0x0b0c  btwrchid - ok
15:35:06.0069 0x0b0c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
15:35:06.0069 0x0b0c  cdfs - ok
15:35:06.0132 0x0b0c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\drivers\cdrom.sys
15:35:06.0147 0x0b0c  cdrom - ok
15:35:06.0194 0x0b0c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
15:35:06.0194 0x0b0c  CertPropSvc - ok
15:35:06.0241 0x0b0c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
15:35:06.0241 0x0b0c  circlass - ok
15:35:06.0272 0x0b0c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
15:35:06.0288 0x0b0c  CLFS - ok
15:35:06.0366 0x0b0c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:35:06.0366 0x0b0c  clr_optimization_v2.0.50727_32 - ok
15:35:06.0413 0x0b0c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:35:06.0413 0x0b0c  clr_optimization_v2.0.50727_64 - ok
15:35:06.0475 0x0b0c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:35:06.0491 0x0b0c  clr_optimization_v4.0.30319_32 - ok
15:35:06.0537 0x0b0c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:35:06.0553 0x0b0c  clr_optimization_v4.0.30319_64 - ok
15:35:06.0584 0x0b0c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
15:35:06.0584 0x0b0c  CmBatt - ok
15:35:06.0631 0x0b0c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
15:35:06.0631 0x0b0c  cmdide - ok
15:35:06.0678 0x0b0c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\windows\system32\Drivers\cng.sys
15:35:06.0709 0x0b0c  CNG - ok
15:35:06.0740 0x0b0c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
15:35:06.0740 0x0b0c  Compbatt - ok
15:35:06.0787 0x0b0c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
15:35:06.0787 0x0b0c  CompositeBus - ok
15:35:06.0803 0x0b0c  COMSysApp - ok
15:35:06.0834 0x0b0c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
15:35:06.0834 0x0b0c  crcdisk - ok
15:35:06.0881 0x0b0c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\windows\system32\cryptsvc.dll
15:35:06.0896 0x0b0c  CryptSvc - ok
15:35:06.0927 0x0b0c  [ 88123E5A5572405DF6FE56E4A2A95BD4, F24BD9B54E1758942468C9280F1285091DE7EBE8BC2FAC8AFB98B62C1C8C1F5E ] dc3d            C:\windows\system32\DRIVERS\dc3d.sys
15:35:06.0927 0x0b0c  dc3d - ok
15:35:06.0990 0x0b0c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
15:35:07.0005 0x0b0c  DcomLaunch - ok
15:35:07.0099 0x0b0c  [ 696C496DDAB0A608D02894E9D4F62980, 0669C27119088B78E58F602A914B1F5DC197B02B0B113EC36ED075EDF6651A89 ] DDNIMSGService  C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
15:35:07.0099 0x0b0c  DDNIMSGService - ok
15:35:07.0146 0x0b0c  [ A767A85632556477021D43259397B21A, B9E6A04FA6F3141A7E130AB95987E17D1FFB5758F224CB8AD5CFB7D8A04FB5C4 ] DDNIService     C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe
15:35:07.0161 0x0b0c  DDNIService - ok
15:35:07.0193 0x0b0c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
15:35:07.0208 0x0b0c  defragsvc - ok
15:35:07.0255 0x0b0c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
15:35:07.0255 0x0b0c  DfsC - ok
15:35:07.0317 0x0b0c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
15:35:07.0333 0x0b0c  Dhcp - ok
15:35:07.0380 0x0b0c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
15:35:07.0380 0x0b0c  discache - ok
15:35:07.0427 0x0b0c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\DRIVERS\disk.sys
15:35:07.0427 0x0b0c  Disk - ok
15:35:07.0473 0x0b0c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
15:35:07.0473 0x0b0c  Dnscache - ok
15:35:07.0536 0x0b0c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
15:35:07.0551 0x0b0c  dot3svc - ok
15:35:07.0598 0x0b0c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
15:35:07.0598 0x0b0c  DPS - ok
15:35:07.0661 0x0b0c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
15:35:07.0661 0x0b0c  drmkaud - ok
15:35:07.0723 0x0b0c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
15:35:07.0785 0x0b0c  DXGKrnl - ok
15:35:07.0817 0x0b0c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
15:35:07.0817 0x0b0c  EapHost - ok
15:35:07.0973 0x0b0c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
15:35:08.0082 0x0b0c  ebdrv - ok
15:35:08.0129 0x0b0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\windows\System32\lsass.exe
15:35:08.0129 0x0b0c  EFS - ok
15:35:08.0222 0x0b0c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
15:35:08.0269 0x0b0c  ehRecvr - ok
15:35:08.0300 0x0b0c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
15:35:08.0300 0x0b0c  ehSched - ok
15:35:08.0363 0x0b0c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
15:35:08.0394 0x0b0c  elxstor - ok
15:35:08.0425 0x0b0c  [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir          C:\windows\system32\DRIVERS\enecir.sys
15:35:08.0425 0x0b0c  enecir - ok
15:35:08.0441 0x0b0c  [ E17EB95358F396E27D573A1B20F891F8, 23D12C2AC2CF7D3441632F1BAF43E9C7554DD9A85F2B08253710DE3C7555B540 ] enecirhid       C:\windows\system32\DRIVERS\enecirhid.sys
15:35:08.0441 0x0b0c  enecirhid - ok
15:35:08.0472 0x0b0c  [ 8492D808C79BD6FE439F77BE84956CDF, 8B2D14C5A7FFA72144E1113B4DDAD7F1258F707442EDE0E4EF3CBB72886EFE8E ] enecirhidma     C:\windows\system32\DRIVERS\enecirhidma.sys
15:35:08.0487 0x0b0c  enecirhidma - ok
15:35:08.0519 0x0b0c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
15:35:08.0519 0x0b0c  ErrDev - ok
15:35:08.0581 0x0b0c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
15:35:08.0612 0x0b0c  EventSystem - ok
15:35:08.0628 0x0b0c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
15:35:08.0643 0x0b0c  exfat - ok
15:35:08.0675 0x0b0c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
15:35:08.0690 0x0b0c  fastfat - ok
15:35:08.0737 0x0b0c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
15:35:08.0768 0x0b0c  Fax - ok
15:35:08.0784 0x0b0c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\DRIVERS\fdc.sys
15:35:08.0784 0x0b0c  fdc - ok
15:35:08.0815 0x0b0c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
15:35:08.0815 0x0b0c  fdPHost - ok
15:35:08.0815 0x0b0c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
15:35:08.0815 0x0b0c  FDResPub - ok
15:35:08.0831 0x0b0c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
15:35:08.0831 0x0b0c  FileInfo - ok
15:35:08.0846 0x0b0c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
15:35:08.0846 0x0b0c  Filetrace - ok
15:35:08.0877 0x0b0c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
15:35:08.0877 0x0b0c  flpydisk - ok
15:35:08.0909 0x0b0c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
15:35:08.0940 0x0b0c  FltMgr - ok
15:35:09.0033 0x0b0c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
15:35:09.0096 0x0b0c  FontCache - ok
15:35:09.0158 0x0b0c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:35:09.0158 0x0b0c  FontCache3.0.0.0 - ok
15:35:09.0189 0x0b0c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
15:35:09.0189 0x0b0c  FsDepends - ok
15:35:09.0236 0x0b0c  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys
15:35:09.0236 0x0b0c  fssfltr - ok
15:35:09.0314 0x0b0c  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:35:09.0392 0x0b0c  fsssvc - ok
15:35:09.0423 0x0b0c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
15:35:09.0423 0x0b0c  Fs_Rec - ok
15:35:09.0486 0x0b0c  [ 6CCF66BCA3D24146CB8B0930DBA1448F, 89BAD905F7836D8606A734D8582A42566F9D36DAD04FEF87D5C5BFD7C4508EFB ] funfrm          C:\windows\system32\drivers\funfrm.sys
15:35:09.0486 0x0b0c  funfrm - ok
15:35:09.0533 0x0b0c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
15:35:09.0548 0x0b0c  fvevol - ok
15:35:09.0579 0x0b0c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
15:35:09.0579 0x0b0c  gagp30kx - ok
15:35:09.0626 0x0b0c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:35:09.0626 0x0b0c  GEARAspiWDM - ok
15:35:09.0689 0x0b0c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
15:35:09.0735 0x0b0c  gpsvc - ok
15:35:09.0813 0x0b0c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:35:09.0829 0x0b0c  gupdate - ok
15:35:09.0860 0x0b0c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:35:09.0860 0x0b0c  gupdatem - ok
15:35:09.0907 0x0b0c  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:35:09.0907 0x0b0c  gusvc - ok
15:35:09.0938 0x0b0c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
15:35:09.0938 0x0b0c  hcw85cir - ok
15:35:10.0001 0x0b0c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:35:10.0032 0x0b0c  HdAudAddService - ok
15:35:10.0063 0x0b0c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
15:35:10.0063 0x0b0c  HDAudBus - ok
15:35:10.0094 0x0b0c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
15:35:10.0094 0x0b0c  HidBatt - ok
15:35:10.0110 0x0b0c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
15:35:10.0110 0x0b0c  HidBth - ok
15:35:10.0157 0x0b0c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
15:35:10.0157 0x0b0c  HidIr - ok
15:35:10.0188 0x0b0c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
15:35:10.0188 0x0b0c  hidserv - ok
15:35:10.0219 0x0b0c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\drivers\hidusb.sys
15:35:10.0219 0x0b0c  HidUsb - ok
15:35:10.0266 0x0b0c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
15:35:10.0266 0x0b0c  hkmsvc - ok
15:35:10.0313 0x0b0c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:35:10.0328 0x0b0c  HomeGroupListener - ok
15:35:10.0375 0x0b0c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:35:10.0391 0x0b0c  HomeGroupProvider - ok
15:35:10.0422 0x0b0c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
15:35:10.0422 0x0b0c  HpSAMD - ok
15:35:10.0484 0x0b0c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
15:35:10.0515 0x0b0c  HTTP - ok
15:35:10.0562 0x0b0c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
15:35:10.0562 0x0b0c  hwpolicy - ok
15:35:10.0609 0x0b0c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
15:35:10.0609 0x0b0c  i8042prt - ok
15:35:10.0671 0x0b0c  [ 0E899D0DB39617AA0B2F992E7E95B5EB, 214AA4A0F298BB97C9DC6CB0496D566519C45C1092CE2C5BF92E5FFB8E4B6FA3 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:35:10.0687 0x0b0c  IAANTMON - ok
15:35:10.0703 0x0b0c  [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
15:35:10.0718 0x0b0c  iaStor - ok
15:35:10.0749 0x0b0c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
15:35:10.0781 0x0b0c  iaStorV - ok
15:35:10.0874 0x0b0c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:35:10.0905 0x0b0c  idsvc - ok
15:35:10.0952 0x0b0c  IEEtwCollectorService - ok
15:35:11.0171 0x0b0c  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
15:35:11.0436 0x0b0c  igfx - ok
15:35:11.0545 0x0b0c  [ D951D20153E51928F9DB2227D6FF5C7A, 8D49F3D85452C65D5188C9516E89631E718A07E34176CF6FA0B1E02D8C18ABDB ] IGRS            C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
15:35:11.0545 0x0b0c  IGRS - ok
15:35:11.0561 0x0b0c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
15:35:11.0561 0x0b0c  iirsp - ok
15:35:11.0623 0x0b0c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
15:35:11.0685 0x0b0c  IKEEXT - ok
15:35:11.0795 0x0b0c  [ BEA724F57B1525883B72856FB8CAA410, 6CA5B6CEC17C95A065242FFD7BAFCBF07DB2A561FCFEDB01A157B09F5D15BC05 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
15:35:11.0873 0x0b0c  IntcAzAudAddService - ok
15:35:11.0919 0x0b0c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
15:35:11.0919 0x0b0c  intelide - ok
15:35:11.0966 0x0b0c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
15:35:11.0966 0x0b0c  intelppm - ok
15:35:11.0997 0x0b0c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
15:35:11.0997 0x0b0c  IPBusEnum - ok
15:35:12.0029 0x0b0c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
15:35:12.0029 0x0b0c  IpFilterDriver - ok
15:35:12.0091 0x0b0c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
15:35:12.0122 0x0b0c  iphlpsvc - ok
15:35:12.0153 0x0b0c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
15:35:12.0169 0x0b0c  IPMIDRV - ok
15:35:12.0185 0x0b0c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
15:35:12.0185 0x0b0c  IPNAT - ok
15:35:12.0263 0x0b0c  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:35:12.0263 0x0b0c  iPod Service - ok
15:35:12.0294 0x0b0c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
15:35:12.0309 0x0b0c  IRENUM - ok
15:35:12.0309 0x0b0c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
15:35:12.0325 0x0b0c  isapnp - ok
15:35:12.0356 0x0b0c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
15:35:12.0372 0x0b0c  iScsiPrt - ok
15:35:12.0419 0x0b0c  [ 08DD34F74D65E1C8F238565570952630, CD58D4A05AE191A60FC4A1D6D11EF86885A600F42607BFD57895F8611A1F7A23 ] k57nd60a        C:\windows\system32\DRIVERS\k57nd60a.sys
15:35:12.0434 0x0b0c  k57nd60a - ok
15:35:12.0465 0x0b0c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
15:35:12.0465 0x0b0c  kbdclass - ok
15:35:12.0497 0x0b0c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
15:35:12.0497 0x0b0c  kbdhid - ok
15:35:12.0528 0x0b0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\windows\system32\lsass.exe
15:35:12.0528 0x0b0c  KeyIso - ok
15:35:12.0575 0x0b0c  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
15:35:12.0575 0x0b0c  KSecDD - ok
15:35:12.0590 0x0b0c  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
15:35:12.0590 0x0b0c  KSecPkg - ok
15:35:12.0637 0x0b0c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
15:35:12.0637 0x0b0c  ksthunk - ok
15:35:12.0668 0x0b0c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
15:35:12.0699 0x0b0c  KtmRm - ok
15:35:12.0746 0x0b0c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
15:35:12.0762 0x0b0c  LanmanServer - ok
15:35:12.0793 0x0b0c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:35:12.0809 0x0b0c  LanmanWorkstation - ok
15:35:12.0996 0x0b0c  [ 7FCB3EC66361F157BCD5B5C33CE2AC16, F4A96124AE0B4BEB1B7A8F7865B9FE474DD87B9C409681A2DDFAA3AADE562B13 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
15:35:13.0027 0x0b0c  Lenovo ReadyComm AppSvc - ok
15:35:13.0058 0x0b0c  [ 5287074E79E4BA82510886F684DC5F72, 76C884617FBDEBEE61B33997CA93C2A2B9B902692B84E2D897E56C54833CFD1E ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
15:35:13.0089 0x0b0c  Lenovo ReadyComm ConnSvc - ok
15:35:13.0121 0x0b0c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
15:35:13.0121 0x0b0c  lltdio - ok
15:35:13.0167 0x0b0c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
15:35:13.0183 0x0b0c  lltdsvc - ok
15:35:13.0199 0x0b0c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
15:35:13.0214 0x0b0c  lmhosts - ok
15:35:13.0245 0x0b0c  [ 16679269303613C4CE7C8FF03413410F, 4DECDD4C07878F30670ADB650EA1591EFFF419C0B629C72A5960158890A28BC7 ] LPCFilter       C:\windows\system32\DRIVERS\LPCFilter.sys
15:35:13.0245 0x0b0c  LPCFilter - ok
15:35:13.0277 0x0b0c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
15:35:13.0277 0x0b0c  LSI_FC - ok
15:35:13.0308 0x0b0c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
15:35:13.0308 0x0b0c  LSI_SAS - ok
15:35:13.0370 0x0b0c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
15:35:13.0370 0x0b0c  LSI_SAS2 - ok
15:35:13.0401 0x0b0c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
15:35:13.0401 0x0b0c  LSI_SCSI - ok
15:35:13.0464 0x0b0c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
15:35:13.0464 0x0b0c  luafv - ok
15:35:13.0511 0x0b0c  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
15:35:13.0511 0x0b0c  MBAMProtector - ok
15:35:13.0604 0x0b0c  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:35:13.0635 0x0b0c  MBAMScheduler - ok
15:35:13.0713 0x0b0c  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:35:13.0776 0x0b0c  MBAMService - ok
15:35:13.0838 0x0b0c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
15:35:13.0838 0x0b0c  Mcx2Svc - ok
15:35:13.0869 0x0b0c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
15:35:13.0869 0x0b0c  megasas - ok
15:35:13.0916 0x0b0c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
15:35:13.0916 0x0b0c  MegaSR - ok
15:35:13.0963 0x0b0c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
15:35:13.0963 0x0b0c  MMCSS - ok
15:35:13.0994 0x0b0c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
15:35:13.0994 0x0b0c  Modem - ok
15:35:14.0025 0x0b0c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
15:35:14.0025 0x0b0c  monitor - ok
15:35:14.0072 0x0b0c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
15:35:14.0072 0x0b0c  mouclass - ok
15:35:14.0103 0x0b0c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
15:35:14.0103 0x0b0c  mouhid - ok
15:35:14.0150 0x0b0c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
15:35:14.0150 0x0b0c  mountmgr - ok
15:35:14.0244 0x0b0c  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:35:14.0244 0x0b0c  MozillaMaintenance - ok
15:35:14.0291 0x0b0c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
15:35:14.0291 0x0b0c  mpio - ok
15:35:14.0337 0x0b0c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
15:35:14.0353 0x0b0c  mpsdrv - ok
15:35:14.0400 0x0b0c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
15:35:14.0447 0x0b0c  MpsSvc - ok
15:35:14.0493 0x0b0c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
15:35:14.0493 0x0b0c  MRxDAV - ok
15:35:14.0540 0x0b0c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
15:35:14.0540 0x0b0c  mrxsmb - ok
15:35:14.0603 0x0b0c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
15:35:14.0618 0x0b0c  mrxsmb10 - ok
15:35:14.0665 0x0b0c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
15:35:14.0665 0x0b0c  mrxsmb20 - ok
15:35:14.0696 0x0b0c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
15:35:14.0712 0x0b0c  msahci - ok
15:35:14.0727 0x0b0c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
15:35:14.0727 0x0b0c  msdsm - ok
15:35:14.0759 0x0b0c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
15:35:14.0759 0x0b0c  MSDTC - ok
15:35:14.0805 0x0b0c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
15:35:14.0805 0x0b0c  Msfs - ok
15:35:14.0821 0x0b0c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
15:35:14.0821 0x0b0c  mshidkmdf - ok
15:35:14.0868 0x0b0c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
15:35:14.0868 0x0b0c  msisadrv - ok
15:35:14.0883 0x0b0c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
15:35:14.0899 0x0b0c  MSiSCSI - ok
15:35:14.0899 0x0b0c  msiserver - ok
15:35:14.0930 0x0b0c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
15:35:14.0930 0x0b0c  MSKSSRV - ok
15:35:14.0946 0x0b0c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
15:35:14.0946 0x0b0c  MSPCLOCK - ok
15:35:14.0977 0x0b0c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
15:35:14.0977 0x0b0c  MSPQM - ok
15:35:15.0024 0x0b0c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
15:35:15.0055 0x0b0c  MsRPC - ok
15:35:15.0086 0x0b0c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
15:35:15.0086 0x0b0c  mssmbios - ok
15:35:15.0133 0x0b0c  MSSQL$MSSMLBIZ - ok
15:35:15.0195 0x0b0c  [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
15:35:15.0195 0x0b0c  MSSQLServerADHelper - ok
15:35:15.0242 0x0b0c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
15:35:15.0242 0x0b0c  MSTEE - ok
15:35:15.0258 0x0b0c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
15:35:15.0258 0x0b0c  MTConfig - ok
15:35:15.0289 0x0b0c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
15:35:15.0289 0x0b0c  Mup - ok
15:35:15.0336 0x0b0c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
15:35:15.0351 0x0b0c  napagent - ok
15:35:15.0429 0x0b0c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
15:35:15.0445 0x0b0c  NativeWifiP - ok
15:35:15.0523 0x0b0c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
15:35:15.0570 0x0b0c  NDIS - ok
15:35:15.0585 0x0b0c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
15:35:15.0585 0x0b0c  NdisCap - ok
15:35:15.0632 0x0b0c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
15:35:15.0632 0x0b0c  NdisTapi - ok
15:35:15.0663 0x0b0c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
15:35:15.0663 0x0b0c  Ndisuio - ok
15:35:15.0710 0x0b0c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
15:35:15.0710 0x0b0c  NdisWan - ok
15:35:15.0757 0x0b0c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
15:35:15.0757 0x0b0c  NDProxy - ok
15:35:15.0773 0x0b0c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
15:35:15.0773 0x0b0c  NetBIOS - ok
15:35:15.0819 0x0b0c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
15:35:15.0819 0x0b0c  NetBT - ok
15:35:15.0913 0x0b0c  [ 40DE9F282262D5CD87DC6091277FE149, 68840F91241481402A5C5D5E7F5D15F696964F9A1D2030B51671CF7EB2804D95 ] NETGEARGenieDaemon C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
15:35:15.0913 0x0b0c  NETGEARGenieDaemon - ok
15:35:15.0929 0x0b0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\windows\system32\lsass.exe
15:35:15.0929 0x0b0c  Netlogon - ok
15:35:15.0975 0x0b0c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
15:35:16.0007 0x0b0c  Netman - ok
15:35:16.0022 0x0b0c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
15:35:16.0053 0x0b0c  netprofm - ok
15:35:16.0069 0x0b0c  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:35:16.0085 0x0b0c  NetTcpPortSharing - ok
15:35:16.0365 0x0b0c  [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64        C:\windows\system32\DRIVERS\NETw5s64.sys
15:35:16.0693 0x0b0c  NETw5s64 - ok
15:35:16.0943 0x0b0c  [ 705283C02177809CA9FA7CC58A4F1E77, EA723588AA706F3D1E6007B300119AF6A99D1E4FB6B454751F48519191DE26E5 ] netw5v64        C:\windows\system32\DRIVERS\netw5v64.sys
15:35:17.0145 0x0b0c  netw5v64 - ok
15:35:17.0192 0x0b0c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
15:35:17.0192 0x0b0c  nfrd960 - ok
15:35:17.0208 0x0b0c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
15:35:17.0239 0x0b0c  NlaSvc - ok
15:35:17.0317 0x0b0c  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF             C:\windows\system32\drivers\npf.sys
15:35:17.0317 0x0b0c  NPF - ok
15:35:17.0348 0x0b0c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
15:35:17.0348 0x0b0c  Npfs - ok
15:35:17.0379 0x0b0c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
15:35:17.0379 0x0b0c  nsi - ok
15:35:17.0395 0x0b0c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
15:35:17.0395 0x0b0c  nsiproxy - ok
15:35:17.0489 0x0b0c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
15:35:17.0567 0x0b0c  Ntfs - ok
15:35:17.0629 0x0b0c  [ 317020D31F1696334679B9D0416EB62E, 7A12A86FAD9F3767B8578D5A79B7AE109E3FADC8FD876A8A326FCC70D83D4E7E ] NuidFltr        C:\windows\system32\DRIVERS\NuidFltr.sys
15:35:17.0645 0x0b0c  NuidFltr - ok
15:35:17.0660 0x0b0c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
15:35:17.0660 0x0b0c  Null - ok
15:35:17.0707 0x0b0c  [ AD37248BD442D41C9A896E53EB8A85EE, 9CC50602480544DBD0B873B3444D355CC13CB97EC1BCA97F85668C45DEFE78C1 ] NVHDA           C:\windows\system32\drivers\nvhda64v.sys
15:35:17.0707 0x0b0c  NVHDA - ok
15:35:18.0159 0x0b0c  [ FD39B98FF1BB8ED3848781497E9D02E0, EF078BC65FAF214860C177206793FFA47EB216FCC2F711DB1D63FE584FF18706 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
15:35:18.0565 0x0b0c  nvlddmkm - ok
15:35:18.0643 0x0b0c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
15:35:18.0643 0x0b0c  nvraid - ok
15:35:18.0674 0x0b0c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
15:35:18.0674 0x0b0c  nvstor - ok
15:35:18.0721 0x0b0c  [ C1668D58547DD0C4A0FBD6AFA20D5890, CF003E17B4DB83B88E3CE3010BE9A970756BB45C4D3500D3F02EBDC92BBC2AF8 ] nvsvc           C:\windows\system32\nvvsvc.exe
15:35:18.0768 0x0b0c  nvsvc - ok
15:35:18.0799 0x0b0c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
15:35:18.0799 0x0b0c  nv_agp - ok
15:35:18.0893 0x0b0c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:35:18.0924 0x0b0c  odserv - ok
15:35:18.0955 0x0b0c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
15:35:18.0971 0x0b0c  ohci1394 - ok
15:35:19.0002 0x0b0c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:35:19.0002 0x0b0c  ose - ok
15:35:19.0049 0x0b0c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
15:35:19.0064 0x0b0c  p2pimsvc - ok
15:35:19.0095 0x0b0c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
15:35:19.0142 0x0b0c  p2psvc - ok
15:35:19.0173 0x0b0c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\DRIVERS\parport.sys
15:35:19.0173 0x0b0c  Parport - ok
15:35:19.0205 0x0b0c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
15:35:19.0205 0x0b0c  partmgr - ok
15:35:19.0236 0x0b0c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
15:35:19.0236 0x0b0c  PcaSvc - ok
15:35:19.0298 0x0b0c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
15:35:19.0314 0x0b0c  pci - ok
15:35:19.0345 0x0b0c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
15:35:19.0345 0x0b0c  pciide - ok
15:35:19.0376 0x0b0c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
15:35:19.0376 0x0b0c  pcmcia - ok
15:35:19.0423 0x0b0c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
15:35:19.0423 0x0b0c  pcw - ok
15:35:19.0470 0x0b0c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
15:35:19.0517 0x0b0c  PEAUTH - ok
15:35:19.0595 0x0b0c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
15:35:19.0595 0x0b0c  PerfHost - ok
15:35:19.0704 0x0b0c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
15:35:19.0766 0x0b0c  pla - ok
15:35:19.0829 0x0b0c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
15:35:19.0860 0x0b0c  PlugPlay - ok
15:35:19.0875 0x0b0c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
15:35:19.0875 0x0b0c  PNRPAutoReg - ok
15:35:19.0907 0x0b0c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
15:35:19.0907 0x0b0c  PNRPsvc - ok
15:35:19.0953 0x0b0c  [ 34A8FAE065249F85A67A3215FF5ECB34, 913297755C1046BA004E79660B7DA5BBE5E92B96AAA83D78AE3FF379371950D5 ] Point64         C:\windows\system32\DRIVERS\point64.sys
15:35:19.0953 0x0b0c  Point64 - ok
15:35:19.0985 0x0b0c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
15:35:20.0000 0x0b0c  PolicyAgent - ok
15:35:20.0047 0x0b0c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
15:35:20.0047 0x0b0c  Power - ok
15:35:20.0094 0x0b0c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
15:35:20.0094 0x0b0c  PptpMiniport - ok
15:35:20.0125 0x0b0c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\DRIVERS\processr.sys
15:35:20.0125 0x0b0c  Processor - ok
15:35:20.0172 0x0b0c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll
15:35:20.0172 0x0b0c  ProfSvc - ok
15:35:20.0203 0x0b0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\windows\system32\lsass.exe
15:35:20.0203 0x0b0c  ProtectedStorage - ok
15:35:20.0250 0x0b0c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
15:35:20.0265 0x0b0c  Psched - ok
15:35:20.0265 0x0b0c  PS_MDP - ok
15:35:20.0359 0x0b0c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
15:35:20.0406 0x0b0c  ql2300 - ok
15:35:20.0437 0x0b0c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
15:35:20.0437 0x0b0c  ql40xx - ok
15:35:20.0468 0x0b0c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
15:35:20.0484 0x0b0c  QWAVE - ok
15:35:20.0499 0x0b0c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
15:35:20.0499 0x0b0c  QWAVEdrv - ok
15:35:20.0515 0x0b0c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
15:35:20.0515 0x0b0c  RasAcd - ok
15:35:20.0546 0x0b0c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
15:35:20.0546 0x0b0c  RasAgileVpn - ok
15:35:20.0562 0x0b0c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
15:35:20.0577 0x0b0c  RasAuto - ok
15:35:20.0609 0x0b0c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
15:35:20.0624 0x0b0c  Rasl2tp - ok
15:35:20.0655 0x0b0c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
15:35:20.0687 0x0b0c  RasMan - ok
15:35:20.0718 0x0b0c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
15:35:20.0718 0x0b0c  RasPppoe - ok
15:35:20.0749 0x0b0c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
15:35:20.0749 0x0b0c  RasSstp - ok
15:35:20.0796 0x0b0c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
15:35:20.0811 0x0b0c  rdbss - ok
15:35:20.0827 0x0b0c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
15:35:20.0827 0x0b0c  rdpbus - ok
15:35:20.0843 0x0b0c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
15:35:20.0843 0x0b0c  RDPCDD - ok
15:35:20.0874 0x0b0c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
15:35:20.0874 0x0b0c  RDPENCDD - ok
15:35:20.0889 0x0b0c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
15:35:20.0889 0x0b0c  RDPREFMP - ok
15:35:20.0936 0x0b0c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
15:35:20.0952 0x0b0c  RDPWD - ok
15:35:20.0999 0x0b0c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
15:35:21.0014 0x0b0c  rdyboost - ok
15:35:21.0014 0x0b0c  ReadyComm.DirectRouter - ok
15:35:21.0108 0x0b0c  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
15:35:21.0108 0x0b0c  RealNetworks Downloader Resolver Service - ok
15:35:21.0139 0x0b0c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
15:35:21.0139 0x0b0c  RemoteAccess - ok
15:35:21.0186 0x0b0c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
15:35:21.0186 0x0b0c  RemoteRegistry - ok
15:35:21.0217 0x0b0c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
15:35:21.0233 0x0b0c  RFCOMM - ok
15:35:21.0326 0x0b0c  [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo       C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
15:35:21.0326 0x0b0c  RichVideo - ok
15:35:21.0357 0x0b0c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
15:35:21.0357 0x0b0c  RpcEptMapper - ok
15:35:21.0389 0x0b0c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
15:35:21.0389 0x0b0c  RpcLocator - ok
15:35:21.0435 0x0b0c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
15:35:21.0451 0x0b0c  RpcSs - ok
15:35:21.0498 0x0b0c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
15:35:21.0498 0x0b0c  rspndr - ok
15:35:21.0529 0x0b0c  [ DA67387F9644C48F204147B351877CB3, 09182DDEC41C13405A448970AD88ABAC6EDB6AE2A60C39F33D52F1177643D706 ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
15:35:21.0545 0x0b0c  RSUSBSTOR - ok
15:35:21.0560 0x0b0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\windows\system32\lsass.exe
15:35:21.0560 0x0b0c  SamSs - ok
15:35:21.0591 0x0b0c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
15:35:21.0591 0x0b0c  sbp2port - ok
15:35:21.0623 0x0b0c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
15:35:21.0623 0x0b0c  SCardSvr - ok
15:35:21.0654 0x0b0c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
15:35:21.0654 0x0b0c  scfilter - ok
15:35:21.0732 0x0b0c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
15:35:21.0794 0x0b0c  Schedule - ok
15:35:21.0825 0x0b0c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
15:35:21.0841 0x0b0c  SCPolicySvc - ok
15:35:21.0872 0x0b0c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
15:35:21.0888 0x0b0c  SDRSVC - ok
15:35:21.0919 0x0b0c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
15:35:21.0919 0x0b0c  secdrv - ok
15:35:21.0950 0x0b0c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
15:35:21.0950 0x0b0c  seclogon - ok
15:35:21.0997 0x0b0c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
15:35:21.0997 0x0b0c  SENS - ok
15:35:22.0013 0x0b0c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
15:35:22.0028 0x0b0c  SensrSvc - ok
15:35:22.0044 0x0b0c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
15:35:22.0044 0x0b0c  Serenum - ok
15:35:22.0091 0x0b0c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\DRIVERS\serial.sys
15:35:22.0091 0x0b0c  Serial - ok
15:35:22.0106 0x0b0c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
15:35:22.0106 0x0b0c  sermouse - ok
15:35:22.0184 0x0b0c  [ 192C159DA850C18D5C859E9BA95E9515, 33C4AD9305CE6CE32B6EFC9A0E8EEEF554B3F3F6B9E23680BC49AE07C7AFA70F ] Service Sendori C:\Program Files (x86)\Sendori\Sendori.Service.exe
15:35:22.0184 0x0b0c  Service Sendori - ok
15:35:22.0231 0x0b0c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
15:35:22.0231 0x0b0c  SessionEnv - ok
15:35:22.0262 0x0b0c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
15:35:22.0278 0x0b0c  sffdisk - ok
15:35:22.0293 0x0b0c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
15:35:22.0293 0x0b0c  sffp_mmc - ok
15:35:22.0309 0x0b0c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
15:35:22.0309 0x0b0c  sffp_sd - ok
15:35:22.0340 0x0b0c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
15:35:22.0340 0x0b0c  sfloppy - ok
15:35:22.0387 0x0b0c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
15:35:22.0403 0x0b0c  SharedAccess - ok
15:35:22.0449 0x0b0c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:35:22.0481 0x0b0c  ShellHWDetection - ok
15:35:22.0496 0x0b0c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
15:35:22.0496 0x0b0c  SiSRaid2 - ok
15:35:22.0527 0x0b0c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
15:35:22.0527 0x0b0c  SiSRaid4 - ok
15:35:22.0605 0x0b0c  [ CA355B308AA537C6B9D67CD3A5485AF9, 574072A3A52AF35F6293B082D5A4748CB4465CD0406A7E2AF6B5F86D94DE67AD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:35:22.0605 0x0b0c  SkypeUpdate - ok
15:35:22.0715 0x0b0c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
15:35:22.0715 0x0b0c  Smb - ok
15:35:23.0073 0x0b0c  [ 0376EB78E8A8E52CB46E6A7BB1B419E3, 56644E14D94E291A22F92A7DFD649EB48A12FEF2002F3608A414CB7469213098 ] sndappv2        C:\Program Files (x86)\Sendori\sndappv2.exe
15:35:23.0151 0x0b0c  sndappv2 - ok
15:35:23.0229 0x0b0c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
15:35:23.0245 0x0b0c  SNMPTRAP - ok
15:35:23.0292 0x0b0c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
15:35:23.0292 0x0b0c  spldr - ok
15:35:23.0354 0x0b0c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
15:35:23.0432 0x0b0c  Spooler - ok
15:35:23.0588 0x0b0c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
15:35:23.0713 0x0b0c  sppsvc - ok
15:35:23.0744 0x0b0c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
15:35:23.0744 0x0b0c  sppuinotify - ok
15:35:23.0791 0x0b0c  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:35:23.0807 0x0b0c  SQLBrowser - ok
15:35:23.0869 0x0b0c  [ 3C432A96363097870995E2A3C8B66ABD, AA0AE0935FC5317FE93D7D3C3B9A6B2E026915D07704AF3E36F14FEA8595F4A6 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:35:23.0885 0x0b0c  SQLWriter - ok
15:35:23.0931 0x0b0c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
15:35:23.0963 0x0b0c  srv - ok
15:35:24.0009 0x0b0c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
15:35:24.0041 0x0b0c  srv2 - ok
15:35:24.0056 0x0b0c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
15:35:24.0056 0x0b0c  srvnet - ok
15:35:24.0103 0x0b0c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
15:35:24.0103 0x0b0c  SSDPSRV - ok
15:35:24.0119 0x0b0c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
15:35:24.0119 0x0b0c  SstpSvc - ok
15:35:24.0150 0x0b0c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
15:35:24.0150 0x0b0c  stexstor - ok
15:35:24.0212 0x0b0c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
15:35:24.0228 0x0b0c  stisvc - ok
15:35:24.0259 0x0b0c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
15:35:24.0259 0x0b0c  swenum - ok
15:35:24.0290 0x0b0c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
15:35:24.0321 0x0b0c  swprv - ok
15:35:24.0384 0x0b0c  [ 12A35E44D8647985FCDB8D298A590134, 65CF4B5E69CD6B03B004D7E2D5966756DA70E8938DAA698184D58F5E01EA4054 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
15:35:24.0399 0x0b0c  SynTP - ok
15:35:24.0493 0x0b0c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
15:35:24.0571 0x0b0c  SysMain - ok
15:35:24.0618 0x0b0c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
15:35:24.0633 0x0b0c  TabletInputService - ok
15:35:24.0680 0x0b0c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
15:35:24.0711 0x0b0c  TapiSrv - ok
15:35:24.0727 0x0b0c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
15:35:24.0743 0x0b0c  TBS - ok
15:35:24.0867 0x0b0c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\windows\system32\drivers\tcpip.sys
15:35:24.0945 0x0b0c  Tcpip - ok
15:35:25.0039 0x0b0c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
15:35:25.0086 0x0b0c  TCPIP6 - ok
15:35:25.0133 0x0b0c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
15:35:25.0133 0x0b0c  tcpipreg - ok
15:35:25.0164 0x0b0c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
15:35:25.0164 0x0b0c  TDPIPE - ok
15:35:25.0195 0x0b0c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
15:35:25.0195 0x0b0c  TDTCP - ok
15:35:25.0242 0x0b0c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
15:35:25.0257 0x0b0c  tdx - ok
15:35:25.0320 0x0b0c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
15:35:25.0320 0x0b0c  TermDD - ok
15:35:25.0382 0x0b0c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll
15:35:25.0429 0x0b0c  TermService - ok
15:35:25.0460 0x0b0c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
15:35:25.0460 0x0b0c  Themes - ok
15:35:25.0491 0x0b0c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
15:35:25.0491 0x0b0c  THREADORDER - ok
15:35:25.0507 0x0b0c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
15:35:25.0523 0x0b0c  TrkWks - ok
15:35:25.0569 0x0b0c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:35:25.0569 0x0b0c  TrustedInstaller - ok
15:35:25.0616 0x0b0c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
15:35:25.0616 0x0b0c  tssecsrv - ok
15:35:25.0663 0x0b0c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
15:35:25.0663 0x0b0c  TsUsbFlt - ok
15:35:25.0725 0x0b0c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
15:35:25.0725 0x0b0c  tunnel - ok
15:35:25.0741 0x0b0c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
15:35:25.0741 0x0b0c  uagp35 - ok
15:35:25.0788 0x0b0c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
15:35:25.0803 0x0b0c  udfs - ok
15:35:25.0850 0x0b0c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
15:35:25.0850 0x0b0c  UI0Detect - ok
15:35:25.0866 0x0b0c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
15:35:25.0866 0x0b0c  uliagpkx - ok
15:35:25.0913 0x0b0c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\drivers\umbus.sys
15:35:25.0913 0x0b0c  umbus - ok
15:35:25.0944 0x0b0c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
15:35:25.0944 0x0b0c  UmPass - ok
15:35:25.0975 0x0b0c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
15:35:25.0991 0x0b0c  upnphost - ok
15:35:26.0053 0x0b0c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
15:35:26.0053 0x0b0c  USBAAPL64 - ok
15:35:26.0084 0x0b0c  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
15:35:26.0100 0x0b0c  usbccgp - ok
15:35:26.0209 0x0b0c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
15:35:26.0209 0x0b0c  usbcir - ok
15:35:26.0240 0x0b0c  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
15:35:26.0240 0x0b0c  usbehci - ok
15:35:26.0272 0x0b0c  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
15:35:26.0304 0x0b0c  usbhub - ok
15:35:26.0335 0x0b0c  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\windows\system32\drivers\usbohci.sys
15:35:26.0335 0x0b0c  usbohci - ok
15:35:26.0366 0x0b0c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
15:35:26.0366 0x0b0c  usbprint - ok
15:35:26.0413 0x0b0c  [ 5878E66639535AB9238412CB5F0DC2BE, 91B9C092A877F400A157CE221B6C4E317C3E74F89527F3CE68FB023DBD15311F ] usbsmi          C:\windows\system32\DRIVERS\SMIksdrv.sys
15:35:26.0428 0x0b0c  usbsmi - ok
15:35:26.0444 0x0b0c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
15:35:26.0460 0x0b0c  USBSTOR - ok
15:35:26.0475 0x0b0c  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\windows\system32\DRIVERS\usbuhci.sys
15:35:26.0491 0x0b0c  usbuhci - ok
15:35:26.0538 0x0b0c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
15:35:26.0553 0x0b0c  usbvideo - ok
15:35:26.0569 0x0b0c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
15:35:26.0584 0x0b0c  UxSms - ok
15:35:26.0600 0x0b0c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\windows\system32\lsass.exe
15:35:26.0600 0x0b0c  VaultSvc - ok
15:35:26.0647 0x0b0c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
15:35:26.0647 0x0b0c  vdrvroot - ok
15:35:26.0694 0x0b0c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
15:35:26.0725 0x0b0c  vds - ok
15:35:26.0756 0x0b0c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
15:35:26.0756 0x0b0c  vga - ok
15:35:26.0772 0x0b0c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
15:35:26.0772 0x0b0c  VgaSave - ok
15:35:26.0818 0x0b0c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
15:35:26.0818 0x0b0c  vhdmp - ok
15:35:26.0850 0x0b0c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
15:35:26.0850 0x0b0c  viaide - ok
15:35:26.0881 0x0b0c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
15:35:26.0896 0x0b0c  volmgr - ok
15:35:26.0928 0x0b0c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
15:35:26.0943 0x0b0c  volmgrx - ok
15:35:26.0974 0x0b0c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
15:35:26.0990 0x0b0c  volsnap - ok
15:35:27.0021 0x0b0c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
15:35:27.0021 0x0b0c  vsmraid - ok
15:35:27.0130 0x0b0c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
15:35:27.0193 0x0b0c  VSS - ok
15:35:27.0350 0x0b0c  [ 0FE113245E2994F2C772601FB7006337, C44F3F620D91E1D89BECC1F159CBFA7BD5833A93B32384D67D2ED9BE4AF0C5EF ] vToolbarUpdater17.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
15:35:27.0443 0x0b0c  vToolbarUpdater17.2.0 - ok
15:35:27.0475 0x0b0c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
15:35:27.0475 0x0b0c  vwifibus - ok
15:35:27.0490 0x0b0c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
15:35:27.0506 0x0b0c  vwififlt - ok
15:35:27.0506 0x0b0c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
15:35:27.0506 0x0b0c  vwifimp - ok
15:35:27.0584 0x0b0c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
15:35:27.0584 0x0b0c  W32Time - ok
15:35:27.0615 0x0b0c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
15:35:27.0631 0x0b0c  WacomPen - ok
15:35:27.0693 0x0b0c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
15:35:27.0693 0x0b0c  WANARP - ok
15:35:27.0709 0x0b0c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
15:35:27.0724 0x0b0c  Wanarpv6 - ok
15:35:27.0833 0x0b0c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
15:35:27.0880 0x0b0c  WatAdminSvc - ok
15:35:27.0974 0x0b0c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
15:35:28.0036 0x0b0c  wbengine - ok
15:35:28.0067 0x0b0c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
15:35:28.0067 0x0b0c  WbioSrvc - ok
15:35:28.0130 0x0b0c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
15:35:28.0145 0x0b0c  wcncsvc - ok
15:35:28.0177 0x0b0c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
15:35:28.0177 0x0b0c  WcsPlugInService - ok
15:35:28.0208 0x0b0c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
15:35:28.0208 0x0b0c  Wd - ok
15:35:28.0255 0x0b0c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
15:35:28.0301 0x0b0c  Wdf01000 - ok
15:35:28.0317 0x0b0c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
15:35:28.0333 0x0b0c  WdiServiceHost - ok
15:35:28.0333 0x0b0c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
15:35:28.0348 0x0b0c  WdiSystemHost - ok
15:35:28.0364 0x0b0c  [ 2A444ACF7DD446505BCC801F8F6AE5FD, A257CBA8D1B96D4E8C2085DB5D28C5D4FFA64767ABA5FE764F1AA2697D0E994B ] wdmirror        C:\windows\system32\DRIVERS\WDMirror.sys
15:35:28.0364 0x0b0c  wdmirror - ok
15:35:28.0411 0x0b0c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
15:35:28.0426 0x0b0c  WebClient - ok
15:35:28.0457 0x0b0c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
15:35:28.0473 0x0b0c  Wecsvc - ok
15:35:28.0489 0x0b0c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
15:35:28.0504 0x0b0c  wercplsupport - ok
15:35:28.0520 0x0b0c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
15:35:28.0520 0x0b0c  WerSvc - ok
15:35:28.0551 0x0b0c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
15:35:28.0551 0x0b0c  WfpLwf - ok
15:35:28.0598 0x0b0c  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\windows\system32\DRIVERS\wimfltr.sys
15:35:28.0598 0x0b0c  WimFltr - ok
15:35:28.0613 0x0b0c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
15:35:28.0613 0x0b0c  WIMMount - ok
15:35:28.0645 0x0b0c  WinDefend - ok
15:35:28.0676 0x0b0c  WinHttpAutoProxySvc - ok
15:35:28.0723 0x0b0c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
15:35:28.0738 0x0b0c  Winmgmt - ok
15:35:28.0832 0x0b0c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
15:35:28.0910 0x0b0c  WinRM - ok
15:35:28.0988 0x0b0c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
15:35:28.0988 0x0b0c  WinUsb - ok
15:35:29.0035 0x0b0c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
15:35:29.0097 0x0b0c  Wlansvc - ok
15:35:29.0159 0x0b0c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:35:29.0159 0x0b0c  wlcrasvc - ok
15:35:29.0300 0x0b0c  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:35:29.0409 0x0b0c  wlidsvc - ok
15:35:29.0440 0x0b0c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
15:35:29.0456 0x0b0c  WmiAcpi - ok
15:35:29.0487 0x0b0c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
15:35:29.0503 0x0b0c  wmiApSrv - ok
15:35:29.0534 0x0b0c  WMPNetworkSvc - ok
15:35:29.0565 0x0b0c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
15:35:29.0565 0x0b0c  WPCSvc - ok
15:35:29.0612 0x0b0c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
15:35:29.0612 0x0b0c  WPDBusEnum - ok
15:35:29.0643 0x0b0c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
15:35:29.0643 0x0b0c  ws2ifsl - ok
15:35:29.0674 0x0b0c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
15:35:29.0674 0x0b0c  wscsvc - ok
15:35:29.0674 0x0b0c  WSearch - ok
15:35:29.0721 0x0b0c  [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
15:35:29.0721 0x0b0c  wsvd - ok
15:35:29.0846 0x0b0c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\windows\system32\wuaueng.dll
15:35:29.0939 0x0b0c  wuauserv - ok
15:35:29.0971 0x0b0c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
15:35:29.0986 0x0b0c  WudfPf - ok
15:35:30.0017 0x0b0c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
15:35:30.0017 0x0b0c  WUDFRd - ok
15:35:30.0049 0x0b0c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
15:35:30.0049 0x0b0c  wudfsvc - ok
15:35:30.0095 0x0b0c  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\windows\System32\wwansvc.dll
15:35:30.0111 0x0b0c  WwanSvc - ok
15:35:30.0158 0x0b0c  ================ Scan global ===============================
15:35:30.0189 0x0b0c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
15:35:30.0220 0x0b0c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
15:35:30.0251 0x0b0c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
15:35:30.0283 0x0b0c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
15:35:30.0314 0x0b0c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
15:35:30.0345 0x0b0c  [ Global ] - ok
15:35:30.0345 0x0b0c  ================ Scan MBR ==================================
15:35:30.0361 0x0b0c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:35:30.0532 0x0b0c  \Device\Harddisk0\DR0 - ok
15:35:30.0532 0x0b0c  ================ Scan VBR ==================================
15:35:30.0548 0x0b0c  [ 6A64B17961F26DF9D91806A77C42306E ] \Device\Harddisk0\DR0\Partition1
15:35:30.0548 0x0b0c  \Device\Harddisk0\DR0\Partition1 - ok
15:35:30.0548 0x0b0c  [ 138F775DF3D5C12AC1E94E3844D5FAEE ] \Device\Harddisk0\DR0\Partition2
15:35:30.0563 0x0b0c  \Device\Harddisk0\DR0\Partition2 - ok
15:35:30.0595 0x0b0c  [ DE0E7107D9C903E5362F41FAE3D949D4 ] \Device\Harddisk0\DR0\Partition3
15:35:30.0595 0x0b0c  \Device\Harddisk0\DR0\Partition3 - ok
15:35:30.0595 0x0b0c  Waiting for KSN requests completion. In queue: 92
15:35:31.0609 0x0b0c  Waiting for KSN requests completion. In queue: 92
15:35:32.0623 0x0b0c  Waiting for KSN requests completion. In queue: 92
15:35:33.0824 0x0b0c  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4110 ), 0x42000 ( disabled : updated )
15:35:33.0839 0x0b0c  Win FW state via NFP2: enabled
15:35:36.0757 0x0b0c  ============================================================
15:35:36.0757 0x0b0c  Scan finished
15:35:36.0757 0x0b0c  ============================================================
15:35:36.0772 0x1af0  Detected object count: 0
15:35:36.0772 0x1af0  Actual detected object count: 0
 



#6 xingxang

xingxang
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 01 January 2014 - 03:46 PM

I hope it's ok to reboot the pc now, I had turned off my AVG antivirus until reboot in order to run MBAM, and am nervous without AVG running.



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:55 AM

Posted 02 January 2014 - 10:20 AM

Hello, look in your browser(s) add-ons/extensions for Sendori and disable/delete if there.

See quietman7's post 3 here for how
http://www.bleepingcomputer.com/forums/t/513638/malware-or-virus-affecting-my-computer/?hl=%2Bremoval+%2Btool#entry3204205


Now run these and see if it is gone.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 xingxang

xingxang
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 02 January 2014 - 07:36 PM

Not sure I understood step 4  but here's the Log from AdwCleaner:

 

# AdwCleaner v3.016 - Report created 02/01/2014 at 19:25:54
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Christopher - LENOVOY550
# Running from : C:\Users\Christopher\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Coupon Companion Plugin
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
[!] Folder Deleted : C:\Users\Christopher\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Christopher\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\Christopher\AppData\Local\Searchprotect
Folder Deleted : C:\Users\Christopher\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Christopher\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Sarah\AppData\Local\apn
[!] Folder Deleted : C:\Users\Sarah\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Sarah\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Sarah\AppData\Local\Searchprotect
Folder Deleted : C:\Users\Sarah\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Sarah\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Sarah\AppData\Roaming\optimizer pro
Folder Deleted : C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Sarah\Documents\Mobogenie
Folder Deleted : C:\Users\Thomas\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Thomas\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Thomas\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Jack\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Jack\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Jack\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\y279df04.default\Extensions\toolbar@ask.com
Folder Deleted : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Folder Deleted : C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj
File Deleted : C:\Users\Sarah\Desktop\Mobogenie.lnk
File Deleted : C:\Users\Sarah\Desktop\Optimizer Pro.lnk
File Deleted : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\y279df04.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\y279df04.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\y4ntnwf6.default\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\y279df04.default\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\y279df04.default\user.js
File Deleted : C:\windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222182204}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186604}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181104}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186604}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Coupon Companion Plugin
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Companion Plugin
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spring Smart
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\y4ntnwf6.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Deleted : user_pref("extensions.crossrider.bic", "13cb54cd5f0ddbe93abe2d0c0b76a673");

[ File : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\y279df04.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SPEC0388DA-D006-40E7-8D77-79F1D1517034");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPEC0388DA-D006-40E7-8D77-79F1D1517034&SSPV=");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Deleted : user_pref("extensions.crossrider.bic", "13cdb33cac703ceea0bb42679c9c956c");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationTime", 1360887270);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.active", true);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.addressbar", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.addressbarenhanced", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.backgroundjs", "\n\n//\n");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.backgroundver", 32);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.can_run_bg_code", true);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.certdomaininstaller", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.changeprevious", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.value", "1360887270");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_aoi.value", "1360887270");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_arbitrary_code.expiration", "Sat Mar 09 2013 20:10:39 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_arbitrary_code.value", "%22%28function%28%29%7B_GPL_PLUGIN.st%3D%7B%5C%22141539%26pid%3D1382%5C%22%3A%7Bs%3A%5B%5C%22153837%26pid%3D1463%5C%2[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_blocklist.expiration", "Sat Mar 09 2013 20:10:39 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_blocklist.value", "%22nonexistantdomain.com%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_country_code.expiration", "Sat Mar 16 2013 19:55:07 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_country_code.value", "%22US%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_crr.value", "1362873311");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_currenttime.value", "%221362693963%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_hotfix20111102645.value", "%221%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%22100086%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%22100086%26subid%3D%26pid%3D1322%2[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installtime.value", "%221360862192%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_parent_zoneid.value", "%22100086%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_pc_20120828.value", "1360887322118");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_product_id.value", "%221322%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_zoneid.value", "%22143656%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.dbtest.value", "1360887290183");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.description", "Coupon Companion");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.domain", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.enablesearch", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.fbremoteurl", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.group", 0);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.homepage", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.iframe", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_appVer.value", "46");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_lastVersion.value", "1");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_nextCheck.expiration", "Sun Mar 10 2013 00:55:11 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1175,baseCDN:\"couponcp-a.akamaihd.net[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.manifesturl", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.name", "Coupon Companion Plugin");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.newtab", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.opensearch", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.ex[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.name", "base");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(B){if(void 0===this||null===this)throw new TypeError;var c=Obje[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.ver", 15);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(f){console.log(f)},factor[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.name", "GPL Background (BG)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.ver", 34);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection()}else{if(document.ge[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.name", "CrossriderAppUtils");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigat[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.name", "CrossriderUtils");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!=true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&typ[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.name", "FFAppAPIWrapper");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.ver", 5);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, Joh[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.name", "jQuery");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.name", "debug");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(B){this.queue.push(B);}};appAPI.ready=function(c,B){a.when.apply(n[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.name", "resources");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.exte[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.name", "initializer");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"undefined\") {\n\n/*! jQuery [...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.name", "jquery_1_7_1");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.name", "resources_background");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.ver", 1);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};var b=function(j){return[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.name", "appApiMessage");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.ver", 1);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=function(r,q,s){var p=\"[[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.name", "appApiValidation");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.ver", 1);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAgent!==\"undefined\"){(func[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.name", "CrossriderInfo");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_0", "4,14,78,16,64,47,72,1000015");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,1000014,28");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.pluginsurl", "hxxp://app-static.crossrider.com/plugin/apps/21804/plugins/087/ff/plugins.json");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.pluginsversion", 43);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.publisher", "215 Apps");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.searchstatus", 0);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.setnewtab", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.settingsurl", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.thankyou", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.updateinterval", 360);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.ver", 46);
Line Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", -1);
Line Deleted : user_pref("extensions.crossriderapp21804.apps", "21804");
Line Deleted : user_pref("extensions.crossriderapp21804.bic", "13cdb33cac703ceea0bb42679c9c956c");
Line Deleted : user_pref("extensions.crossriderapp21804.cid", 21804);
Line Deleted : user_pref("extensions.crossriderapp21804.firstrun", false);
Line Deleted : user_pref("extensions.crossriderapp21804.hadappinstalled", true);
Line Deleted : user_pref("extensions.crossriderapp21804.installationdate", 1360887270);
Line Deleted : user_pref("extensions.crossriderapp21804.lastcheck", 22714555);
Line Deleted : user_pref("extensions.crossriderapp21804.lastcheckitem", 22714626);
Line Deleted : user_pref("extensions.crossriderapp21804.modetype", "production");
Line Deleted : user_pref("extensions.crossriderapp21804.reportInstall", true);

[ File : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\e7w8yn6b.default\prefs.js ]

Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Deleted : user_pref("extensions.crossrider.bic", "13cdb2e4ad4088cad01083abcfc4861b");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationTime", 1360886910);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.value", "1360886910");
Line Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", -1);
Line Deleted : user_pref("extensions.crossriderapp21804.bic", "13cdb2e4ad4088cad01083abcfc4861b");
Line Deleted : user_pref("extensions.crossriderapp21804.firstrun", false);
Line Deleted : user_pref("extensions.crossriderapp21804.installationdate", 1360886910);
Line Deleted : user_pref("extensions.crossriderapp21804.lastcheck", 23131832);
Line Deleted : user_pref("extensions.crossriderapp21804.lastcheckitem", 23131834);
Line Deleted : user_pref("extensions.crossriderapp21804.reportInstall", true);

[ File : C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\2lmygdyl.default\prefs.js ]

Line Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", -1);
Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");

*************************

AdwCleaner[R0].txt - [34746 octets] - [02/01/2014 19:21:32]
AdwCleaner[S0].txt - [33797 octets] - [02/01/2014 19:25:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [33858 octets] ##########
 



#9 xingxang

xingxang
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 02 January 2014 - 07:55 PM

JRT.txt log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Christopher on Thu 01/02/2014 at 19:41:51.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{00638670-E796-4C65-804B-15A747BBB590}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{00A7AE14-3450-48E5-B52E-5325114ED92F}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{036FFB29-DF93-4A80-A915-595F3B8B0A92}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{0480006D-390D-44AF-90D0-482CD8B49A0C}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{078C96A1-332F-4F24-AA62-426A8B77376A}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{0B77CF36-3A6A-452A-8E03-A544553D499B}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{11E0EFBE-6E7B-4679-BAC8-348DABBB82EE}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{1465DCA2-F96C-4800-88D5-A99D9271E233}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{150E97BB-3A05-4772-83C9-54E9416B1D9D}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{15622B93-64CB-4356-9348-6F0C551E580B}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{161B388C-82A7-4742-845D-8ECB4E00E152}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{1CB420A7-FD51-4E03-840B-570AB86FD459}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{1E0A5BB2-126A-4AC8-A2B0-351B70EBFB8F}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{1FA38E22-7E7F-470D-935E-D4CDABF1E204}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{26AFC45B-373E-4528-88C9-5D4ED13CBB2F}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{270FA301-4E9E-4B77-9FB5-04D59596FAFB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{2BE74826-AD0A-40C4-83BF-A9037A4E7CA1}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{2FE1BE89-766E-4062-BAD9-72DE328C5AE1}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{3200B50D-8319-4E10-8E16-A9D17A403A8D}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{32DD6397-95C6-4EB9-BCF5-8110C1AB55DC}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{38E91112-569F-46AC-9C23-E0726F2FDD87}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{39DBCFCC-2DE1-4F08-87E9-40ECAE789657}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{3A593727-1A20-4C93-BDAF-19C4DDB9790A}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{3A96B717-8131-4C09-A1AC-D9CE2F7C12AE}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{3AFEC8ED-D889-4290-B133-F85B84CC044D}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{3B796867-D819-40AB-B434-330D6CDD2538}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{3C956150-FE96-4D7C-A6A2-D56EEDDA12AF}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{42C21789-35CC-42B6-A7F2-34AF2DCFD96D}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{45F9F8DB-6A93-43A3-B289-0A619F340AAA}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{49E71BB8-AC68-4CE2-9F67-25BACE4F73CB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{4BFE736A-2368-4726-B6A4-D48D480B3EC1}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{509D96C5-C620-4907-B3A0-E8F78D06B5A8}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{50FC57AD-5613-4A92-97D4-9C65C2D54421}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{539958FD-EAC6-471B-9874-50554A7980FC}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{540D7FE4-EE46-4550-9C03-67E42D6461E2}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{56D1586E-9D5B-496D-A0F6-C64BB4EC373E}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{57E2B019-57E8-4948-B403-511A51AC7943}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{5A547981-316F-4853-AEEC-F75F95E7177C}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{5D5685FA-7CF0-4627-937D-1F1303563103}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{5FF9A5FB-89A9-4A2A-A0D1-1E1578CE20A1}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{609D0498-B145-43A2-ABFE-B8674507FA43}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{63487565-674D-42CD-86D9-D5A935C1957D}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{656D0EEB-7718-4A24-8F30-151201C236BB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{66F718B1-E6B9-401C-882B-A43CAC901961}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{6760905B-015D-4C58-AA6C-8D5AF6C51C0B}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{69AA6301-5946-4D35-AD51-D2B60B3F7F83}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{6B6F38E9-63EB-4FA2-8D67-83F0602BF658}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{6C2F862A-4013-4714-9799-D3CACCFE9DE2}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{72A08681-799E-47CD-8EA4-596CB6038B0A}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{75B09917-BDC0-40F0-952F-E2AC8C5932CD}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{77B00B8E-2544-44A9-A1A3-DC5ED126E568}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{78443331-530C-4ADA-BE42-6301F2DB8E78}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{78E01DD0-5170-4B2B-AB23-858E72533777}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{793F71E2-5274-442B-A815-8593F900824F}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{7F97F3F7-0741-4121-8DC9-22C127F01543}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{82305B7A-861C-44F9-AA7E-09F2E55B84F7}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{83F26722-7503-493B-8011-51500161C5B3}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{85A3CC1D-94E0-4627-98C8-44993338509A}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{8629EAFF-150D-4D69-B259-B864BE75F843}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{871D4F0F-4729-426F-AA23-20CF5C658259}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{89371120-C8AA-4333-B7EF-674D34DF12ED}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{8A36FB7C-F5C6-48A2-B32D-709E4500E944}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{8DB3636B-D647-4B18-BE49-3195140D88EB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{90A8DAE9-2C5E-42F6-839E-FEC778697A27}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{92241DAD-42AE-4C09-B6E3-A52547164AAB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{93E52170-A789-4C6C-8FC9-E9750003AD61}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{94A4BF3B-5088-4EF1-8F5F-9FE635F3C5AF}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{98424651-1D89-4407-A62F-3A264C0E2CFB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{9C34835C-E24B-4A84-AF00-9E334E174C44}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{9F40009A-E58C-4F6E-B3B3-E553F44309E6}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{9FA64D4E-4F65-4921-973B-0DBA70D9B0C5}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{A287F428-B38B-4791-9063-6A26E34E707B}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{A2CC4049-7197-4EE2-B737-1FB96050E622}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{A309E111-BF7B-4B77-B94B-5EA36E950ED5}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{A647D03C-AAD8-4FE6-9F91-A170BA7B456E}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{A7BA958C-EEC8-4264-A308-28E2A6DDA824}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{A81BEFB0-99BD-44E7-9EDB-1027B56B5012}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{AA701DE3-72E6-4ECB-B14D-91675740833E}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{AC7FD875-B8F2-4DEE-B2CA-43CA5252E8BA}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{B4445AEA-470F-4260-AE61-E7BC24A2B2E2}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{B56E652B-9753-4F43-B22D-819A7C6C8856}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{B5827E62-8B3D-402F-A0DD-9D286570F48F}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{B81E1E49-3B8F-426E-9F7A-0D2CF1468F7C}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{B837337C-2136-490D-9855-88B6E82D7693}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{BE654F32-4FB7-42C6-911F-4AA184676E70}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{BF6050AC-EFFD-4C33-995B-0C79BEC083AC}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{C1D7C661-BC4B-4C38-9CA4-1AE8C68C1520}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{C381D516-33DD-44D9-9286-E833CBAC4046}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{C3C4F83F-39ED-46CA-B83C-C37C98A379FB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{C68B5876-AB48-4E56-9684-13D88C63C5B3}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{D074280A-07B7-4511-BFFA-B310AB1DE1D8}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{D098659F-CC0A-4094-B667-C0E2E683C8EB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{D1F75E2C-B896-4778-81C5-041E290595B6}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{D40D9F46-FD4F-4497-80AF-3C2E5A9F3BDD}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{D6302051-1840-4955-B2A4-58EFFF46DBCB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{DC442B87-841C-48A5-A11D-4FB26B18DFE6}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{DC75BE85-19E5-41D4-B2B4-63DA9D837DBA}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{DD5DB557-D045-4D49-823F-03BDD799BC3E}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{DD7591FF-A79B-4391-821D-DCC8B1B36F02}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{DE353136-7839-412C-BADD-453B9196C566}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{DFA3AB0A-F4A1-4419-80B9-FD07721C0A93}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{E0348968-94D0-483B-BDF3-7B90AA39D137}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{E26E93F3-12DE-4527-9175-FFCC67E41483}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{E4551751-C6A8-40BB-9B5E-585DB17DC669}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{E63BA0F0-9B69-405B-BA98-A5B9B50CDB76}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{E7B3E201-AF86-4C56-B970-B6DA662D4BCB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{EC8BF123-34BB-42F0-9856-EF9ADE71A2F8}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{ED80B02A-4BF3-4FB1-B2AF-DADEE1FC06E9}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{EE8418DB-DC4D-4E1C-8BCB-6BA723EA4600}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{EE96D54F-20FC-4618-B373-DF700FE63B05}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{F246C8C9-F9A0-46DE-A79B-BDB190AFD6CB}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{F4D0AF37-7724-4CAB-B09B-31A2EA59F121}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{F9C0F372-D334-4420-A837-47B3693EDB3F}
Successfully deleted: [Empty Folder] C:\Users\Christopher\appdata\local\{FC610C9E-CBC2-4F5F-B7B6-F00A81A2C0FF}



~~~ FireFox

Successfully deleted the following from C:\Users\Christopher\AppData\Roaming\mozilla\firefox\profiles\y4ntnwf6.default\prefs.js

user_pref("google.toolbar.button_option.cached.gtbSearchBlogs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBlogs\" t
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_CTK0Y7F4MTG6NKYH03WT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/
Emptied folder: C:\Users\Christopher\AppData\Roaming\mozilla\firefox\profiles\y4ntnwf6.default\minidumps [38 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Christopher\appdata\local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/02/2014 at 19:53:19.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:55 PM

Posted 02 January 2014 - 09:51 PM

Hello -

This is the result listed by Microsoft support .. and it may match the link to quietman7

 

You can try these steps, or keep with boopme

 

This is the FULL uninstall script that is provided as-is

 

Sendori posted this on June 10, 2013 18:11

If when trying to uninstall the Sendori app you are receiving a message: "There was a problem in uninstalling Sendori. Please contact support at support@sendori.com", then please download the attached file and follow these simple steps to remove the application.

 

1. Download the attached file (Uninstall.zip). It's a new uninstaller. Uninstall.zip
2. Unzip the file and place the uninstaller.exe in the Sendori folder - If asked to REPLACE current file, say YES!
    Windows XP/Vista: C:\Program Files\Sendori
    Windows 7: C:\Program Files (x86)\Sendori
3. Go to Control Panel -> Add/Remove Programs (Windows 7: Uninstall a program)
4. Find the Sendori app and click on Uninstall
5. After the uninstaller process finishes, make sure to reboot your computer

If you issue is not resolved by this FAQ, please refer to additional troubleshooting steps at: http://support.sendori.com/forums/22177046-F-A-Q

 

 

Thank You -



#11 xingxang

xingxang
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 03 January 2014 - 08:45 PM

Hello Noknojon,

Thank you, I think I should finish whatever boopme prescribes to cure my pc since I think sendori is now gone or disabled, and it seems the other scans/tools found some other nasties that were installed on my machine at some time.  Thanks for the link, I'm sure it will come in handy for others as well.



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:55 AM

Posted 03 January 2014 - 08:59 PM

Hello again..
I would like to run 2 more first is quick second may want an hour or a few.

but just to make sure we get everything.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>>>>>>>>>


Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 xingxang

xingxang
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 04 January 2014 - 10:46 AM

MiniToolbox log:

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Christopher (administrator) on 04-01-2014 at 10:38:57
Running from "C:\Users\Christopher\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled mldversion=version2
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.2.3 metric=1 publish=Yes


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : LenovoY550
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-26-C6-4E-D9-39
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 2C-81-58-BE-F1-30
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : 70-5A-B6-53-06-20
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
   Physical Address. . . . . . . . . : 00-26-C6-4E-D9-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d4dd:a0bf:f3ce:f507%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, January 04, 2014 9:35:48 AM
   Lease Expires . . . . . . . . . . : Sunday, January 05, 2014 9:35:52 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234890950
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-E7-B1-2D-00-26-C6-4E-D9-38
   DNS Servers . . . . . . . . . . . : 75.126.206.18
                                       184.173.169.186
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{C8024043-46DB-4A4E-9DED-D7194DA84736}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:18b3:c4e:bd56:a4bf(Preferred)
   Link-local IPv6 Address . . . . . : fe80::18b3:c4e:bd56:a4bf%19(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  75.126.206.18-static.reverse.softlayer.com
Address:  75.126.206.18

DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  74.125.194.100
      74.125.194.113
      74.125.194.139
      74.125.194.101
      74.125.194.138
      74.125.194.102


Pinging google.com [74.125.194.101] with 32 bytes of data:
Reply from 74.125.194.101: bytes=32 time=49ms TTL=41
Reply from 74.125.194.101: bytes=32 time=49ms TTL=41

Ping statistics for 74.125.194.101:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 49ms, Maximum = 49ms, Average = 49ms
Server:  75.126.206.18-static.reverse.softlayer.com
Address:  75.126.206.18

Name:    yahoo.com
Addresses:  98.139.183.24
      98.138.253.109
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=104ms TTL=42
Reply from 206.190.36.45: bytes=32 time=106ms TTL=42

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 104ms, Maximum = 106ms, Average = 105ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=10ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 10ms, Average = 7ms
===========================================================================
Interface List
 16...00 26 c6 4e d9 39 ......Microsoft Virtual WiFi Miniport Adapter
 14...2c 81 58 be f1 30 ......Bluetooth Device (Personal Area Network)
 11...70 5a b6 53 06 20 ......Broadcom NetLink ™ Gigabit Ethernet
 10...00 26 c6 4e d9 38 ......Intel® WiFi Link 5100 AGN
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link       192.168.1.2    311
  169.254.255.255  255.255.255.255         On-link       192.168.1.2    281
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
      169.254.0.0      255.255.0.0      192.168.2.3       1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 19     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 19     58 2001::/32                On-link
 19    306 2001:0:5ef5:79fd:18b3:c4e:bd56:a4bf/128
                                    On-link
 10    281 fe80::/64                On-link
 19    306 fe80::/64                On-link
 19    306 fe80::18b3:c4e:bd56:a4bf/128
                                    On-link
 10    281 fe80::d4dd:a0bf:f3ce:f507/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 09 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/04/2014 09:37:21 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 2.1.168.192.in-addr.arpa. PTR LenovoY550.local.

Error: (01/04/2014 09:37:21 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.2:5353   20 2.1.168.192.in-addr.arpa. PTR LenovoY550-2.local.

Error: (01/03/2014 09:42:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9423

Error: (01/03/2014 09:42:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9423

Error: (01/03/2014 09:42:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/03/2014 09:42:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6568

Error: (01/03/2014 09:42:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6568

Error: (01/03/2014 09:42:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/03/2014 09:42:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5507

Error: (01/03/2014 09:42:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5507


System errors:
=============
Error: (01/04/2014 09:35:51 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.2.0 service failed to start due to the following error:
%%2

Error: (01/04/2014 09:35:49 AM) (Source: Service Control Manager) (User: )
Description: The ReadyComm.DirectRouter service failed to start due to the following error:
%%2

Error: (01/04/2014 07:15:33 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.2.0 service failed to start due to the following error:
%%2

Error: (01/04/2014 07:15:32 AM) (Source: Service Control Manager) (User: )
Description: The ReadyComm.DirectRouter service failed to start due to the following error:
%%2

Error: (01/03/2014 08:50:08 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.2.0 service failed to start due to the following error:
%%2

Error: (01/03/2014 08:50:07 PM) (Source: Service Control Manager) (User: )
Description: The ReadyComm.DirectRouter service failed to start due to the following error:
%%2

Error: (01/03/2014 08:48:30 PM) (Source: Service Control Manager) (User: )
Description: The Service Sendori service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/03/2014 08:45:05 PM) (Source: Service Control Manager) (User: )
Description: The sndappv2 service failed to start due to the following error:
%%1053

Error: (01/03/2014 08:45:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the sndappv2 service to connect.

Error: (01/03/2014 08:40:05 PM) (Source: Service Control Manager) (User: )
Description: The sndappv2 service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 2.0.4)
2007 Microsoft Office system (Version: 12.0.6612.1000)
Acrobat.com (Version: 1.1.377)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
Alive Idea Desktop (Version: 1.0.2.1009)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
AVG 2014 (Version: 14.0.3658)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 12.26.01)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 3.0
Canon MP560 series MP Drivers
Canon MP560 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CDBurnerXP (Version: 4.3.8.2474)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
DIBS (Version: 1.7.0)
Dolby Control Center (Version: 2.2.1)
EasyCapture (Version: V4.0.09.1015)
ENE CIR Receiver Driver (Version: 2.7.4.0)
Energy Management (Version: 4.4.1.3)
FreeMeter
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 31.0.1650.63)
Google Drive (Version: 1.13.5782.599)
Google Earth Plug-in (Version: 7.1.2.2041)
Google Talk (remove only)
Google Update Helper (Version: 1.3.22.3)
iCloud (Version: 3.0.2.163)
InFlac 1.1.1 (Version: 1.1.1)
Intel® Matrix Storage Manager
IrfanView (remove only) (Version: 4.27)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.2.0.9600)
Lenovo EasyCamera
Lenovo EasyCamera (Version: 5.4.1.9)
Lenovo First Boot (Version: 1.7.2.2)
Lenovo Idea Central (Version: 1.7.2.3)
Lenovo Idea Notes (Version: 1.5.1)
Lenovo OneKey Recovery (Version: 7.0.0723)
Lenovo ReadyComm 5 (Version: 5.1.1.20)
Lenovo ReadyComm 5.0 Service (Version: 5.0.0.1)
Lenovo SlideNav (Version: 1.50.1023.0001)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MediaShow (Version: 4.1.3117.14639)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
NETGEAR Genie (Version: 2.2.28.24.exe )
NVIDIA Drivers (Version: 1.9)
Onekey Theater (Version: 0.0.0.13C)
Picasa 3 (Version: 3.9)
Power2Go (Version: 5.6.0.4809d4)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
Realtek High Definition Audio Driver (Version: 6.0.1.6002)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30106)
RealUpgrade 1.1 (Version: 1.1.0)
Skype™ 6.3 (Version: 6.3.107)
SlideBar Driver (Version: 1.0.0.12C)
Social Privacy DNS
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spotify (Version: 0.8.5.1333.g822e0de8)
Synaptics Pointing Device Driver (Version: 13.2.7.3)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver (Version: 1.0.50.26C)
VeriFace (Version: 3.6.0.0921)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
Winamp (Version: 5.601 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Driver Package - Lenovo (ACPIVPC) System  (05/19/2009 4.4.0.1) (Version: 05/19/2009 4.4.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 4090.6 MB
Available physical RAM: 2432.04 MB
Total Pagefile: 8179.38 MB
Available Pagefile: 6177.15 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.89 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:420.56 GB) (Free:324.67 GB) NTFS
2 Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:29.18 GB) NTFS

========================= Users: ========================================

User accounts for \\LENOVOY550

Administrator            Christopher              Guest                    
Jack                     Sarah                    Thomas                   


**** End of log ****
 



#14 xingxang

xingxang
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:55 AM

Posted 04 January 2014 - 02:05 PM

Eset log:

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Coupon Companion Plugin\ButtonUtil.dll.vir    a variant of Win32/Toolbar.CrossRider.G application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Coupon Companion Plugin\Coupon Companion Plugin-bg.exe.vir    a variant of Win32/Toolbar.CrossRider.E application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Coupon Companion Plugin\Coupon Companion Plugin.exe.vir    a variant of Win32/Toolbar.CrossRider.E application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Coupon Companion Plugin\Coupon Companion PluginGui.exe.vir    a variant of Win32/Toolbar.CrossRider.F application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Coupon Companion Plugin\Uninstall.exe.vir    multiple threats    cleaned by deleting - quarantined
C:\Users\Christopher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2YPNXN2\updater[1].exe    Win32/Packed.ScrambleWrapper.E application    cleaned by deleting - quarantined
C:\Users\Christopher\AppData\Local\Temp\21804_updater.exe    Win32/Packed.ScrambleWrapper.E application    cleaned by deleting - quarantined
C:\Users\Christopher\Downloads\cbsidlm-tr1_10a-FreeMeter-BP-10073311.exe    Win32/DownloadAdmin.G application    cleaned by deleting - quarantined
C:\Users\Christopher\Downloads\cdbxp_setup_4.3.8.2474.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Users\Christopher\Downloads\CuteWriter.exe    multiple threats    cleaned by deleting - quarantined
 



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:55 AM

Posted 05 January 2014 - 11:09 AM

If you are still hijacked.

In FireFox it may be the Add ons/Plugins. First look for Sendori and if there disable. Or
Try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users