Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Crazy Problem In Google Chrome


  • Please log in to reply
10 replies to this topic

#1 dunnage82

dunnage82

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 03 January 2014 - 10:48 AM

So the girlfriend and I pass out watching Dexter last night and when we wake up this morning her tab in google chrome that was previously on www.ratemyprofessor.com was now on a query result from a website www.aliexpress.com with the query being "sex toys". We both swear that neither of us is playing a joke on the other as it is kind of funny... but I'd like to figure out what happened. It wasn't a new tab because I was able to click the back button and return to ratemyprofessor... however when I pull the history this is what confuses me.  It was at 3:54 a.m. and it went straight from ratemyprofessor to the query result page.  It confuses me because there was no traffic to the page itself just the query result.  I'm guessing since she had visited the website before she has a cookie of some sort that likes to search sex toys?  I'm at a loss here.  If anyone has any ideas let me know.  If I need to clarify this a little more let me know that too.  I'll send some screenshots showing you what I mean.  Anyways, thanks for the help!


Edited by hamluis, 03 January 2014 - 02:02 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,364 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:09:55 PM

Posted 03 January 2014 - 02:01 PM

What browser are you using?

 

Please download AdwCleaner and run it.

 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be close so that the infections can be removed.  Click on Ok.
 
When cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your next post.

Edited by dc3, 03 January 2014 - 02:07 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 Greg62702

Greg62702

  • Banned
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:55 PM

Posted 03 January 2014 - 05:22 PM

Also make sure you go to https://www.google.com/settings/chrome/sync and do a Stop & Clear on all sync'd items from Chrome, if she or you were signed into Chrome.  Just doing ADW alone, if you do not flush the sync'd info from the Google servers, the problem will come back.



#4 dunnage82

dunnage82
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 05 January 2014 - 10:20 AM

I'm using google chrome as a browser...

 

Heres the ADwCleaner report

 

# AdwCleaner v3.016 - Report created 05/01/2014 at 10:10:44
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Wendy - WENDY-VAIO
# Running from : C:\Users\Wendy\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DVDVideoSoftTB
Folder Deleted : C:\Program Files (x86)\Coupons.com
Folder Deleted : C:\Program Files (x86)\Reganam
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Wendy\AppData\Local\Babylon
Folder Deleted : C:\Users\Wendy\AppData\Local\Conduit
Folder Deleted : C:\Users\Wendy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Wendy\AppData\LocalLow\DVDVideoSoftTB
Folder Deleted : C:\Users\Wendy\AppData\LocalLow\Coupons.com
Folder Deleted : C:\Users\Wendy\AppData\LocalLow\Reganam
Folder Deleted : C:\Users\Wendy\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Wendy\AppData\Roaming\pccustubinstaller
Folder Deleted : C:\Users\Trey\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Trey\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Trey\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Trey\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Trey\AppData\LocalLow\Coupons.com
Folder Deleted : C:\Users\Trey\AppData\LocalLow\Reganam
Folder Deleted : C:\Users\Get up & Get at it\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Get up & Get at it\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Get up & Get at it\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Get up & Get at it\AppData\LocalLow\DVDVideoSoftTB
Folder Deleted : C:\Users\Get up & Get at it\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Get up & Get at it\AppData\LocalLow\Coupons.com
Folder Deleted : C:\Users\Get up & Get at it\AppData\LocalLow\Reganam
Folder Deleted : C:\Users\Wendy\AppData\Roaming\Mozilla\Firefox\Profiles\o69n1tar.default\ConduitCommon
Folder Deleted : C:\Users\Wendy\AppData\Roaming\Mozilla\Firefox\Profiles\o69n1tar.default\CT2269050
Folder Deleted : C:\Users\Wendy\AppData\Roaming\Mozilla\Firefox\Profiles\o69n1tar.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Folder Deleted : C:\Users\Wendy\AppData\Roaming\Mozilla\Firefox\Profiles\o69n1tar.default\Extensions\{37153479-1976-43c3-a1ee-557513977b64}
Folder Deleted : C:\Users\Wendy\AppData\Roaming\Mozilla\Firefox\Profiles\o69n1tar.default\Extensions\{db9d7a78-a76c-4bf2-97c6-258925ee1542}
Folder Deleted : C:\Users\Trey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Get up & Get at it\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Wendy\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\Wendy\AppData\Roaming\Mozilla\Firefox\Profiles\o69n1tar.default\searchplugins\my-web-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Trey\AppData\Roaming\Mozilla\Firefox\Profiles\b2622qhn.default\searchplugins\search.xml
File Deleted : C:\Users\Wendy\AppData\Roaming\Mozilla\Firefox\Profiles\o69n1tar.default\user.js
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Messenger\View Inbox.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1601497
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2559647
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37153479-1976-43C3-A1EE-557513977B64}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37AE00AB-70CA-4E98-B1CE-DC138AE847FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB9D7A78-A76C-4BF2-97C6-258925EE1542}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BD7C7D02-6B18-4B3A-A2FB-AA7F13C73230}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37153479-1976-43C3-A1EE-557513977B64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB9D7A78-A76C-4BF2-97C6-258925EE1542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37153479-1976-43C3-A1EE-557513977B64}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB9D7A78-A76C-4BF2-97C6-258925EE1542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37153479-1976-43C3-A1EE-557513977B64}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB9D7A78-A76C-4BF2-97C6-258925EE1542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37AE00AB-70CA-4E98-B1CE-DC138AE847FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BD7C7D02-6B18-4B3A-A2FB-AA7F13C73230}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63940000-3647-4467-AB03-63EE9468D8AD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BDBC024C-58ED-4ED6-9BE8-2B319A2703D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1F05780-775C-460D-B74C-8C98139C6830}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5130515E-4194-4C61-A6FE-1DFD718A8FF8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08D49976-6B36-4859-96B5-D2A4FC8C40EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98955CE1-A3B3-4B8F-B248-2EB640D7E9CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{37153479-1976-43C3-A1EE-557513977B64}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DB9D7A78-A76C-4BF2-97C6-258925EE1542}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{37153479-1976-43C3-A1EE-557513977B64}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{DB9D7A78-A76C-4BF2-97C6-258925EE1542}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Key Deleted : HKCU\Software\AppDataLow\Software\Coupons.com
Key Deleted : HKCU\Software\AppDataLow\Software\Reganam
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\DVDVideoSoftTB
Key Deleted : HKLM\Software\Coupons.com
Key Deleted : HKLM\Software\Reganam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupons.com Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reganam Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\Wendy\AppData\Roaming\Mozilla\Firefox\Profiles\o69n1tar.default\prefs.js ]
 
Line Deleted : user_pref("CT2269050..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
Line Deleted : user_pref("CT2269050.CTID", "CT2269050");
Line Deleted : user_pref("CT2269050.CurrentServerDate", "8-3-2012");
Line Deleted : user_pref("CT2269050.DSInstall", true);
Line Deleted : user_pref("CT2269050.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2269050.DialogsGetterLastCheckTime", "Tue Mar 06 2012 22:37:24 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2269050.EMailNotifierPollDate", "Wed Mar 07 2012 22:23:24 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.FirstServerDate", "7-3-2012");
Line Deleted : user_pref("CT2269050.FirstTime", true);
Line Deleted : user_pref("CT2269050.FirstTimeFF3", true);
Line Deleted : user_pref("CT2269050.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2269050.HPChangedManually", false);
Line Deleted : user_pref("CT2269050.HPInstall", true);
Line Deleted : user_pref("CT2269050.HPProtectChoice", true);
Line Deleted : user_pref("CT2269050.HPProtectCount", 1);
Line Deleted : user_pref("CT2269050.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2269050.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT2269050.HomepageBeforeUnload", "hxxp://search.conduit.com/?SSPV=FFOB1&ctid=CT2269050&SearchSource=13");
Line Deleted : user_pref("CT2269050.Initialize", true);
Line Deleted : user_pref("CT2269050.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("CT2269050.InstalledDate", "Tue Mar 06 2012 22:37:24 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.InvalidateCache", false);
Line Deleted : user_pref("CT2269050.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2269050.IsGrouping", false);
Line Deleted : user_pref("CT2269050.IsInitSetupIni", true);
Line Deleted : user_pref("CT2269050.IsMulticommunity", false);
Line Deleted : user_pref("CT2269050.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT2269050.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2269050.IsProtectorsInit", true);
Line Deleted : user_pref("CT2269050.LanguagePackLastCheckTime", "Tue Mar 06 2012 22:37:28 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2269050.LastLogin_3.10.0.250", "Wed Mar 07 2012 20:53:24 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.LatestVersion", "3.10.0.1");
Line Deleted : user_pref("CT2269050.Locale", "en");
Line Deleted : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2269050.OriginalFirstVersion", "3.10.0.250");
Line Deleted : user_pref("CT2269050.RadioIsPodcast", false);
Line Deleted : user_pref("CT2269050.RadioLastCheckTime", "Tue Mar 06 2012 22:37:26 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Line Deleted : user_pref("CT2269050.RadioMediaID", "12473383");
Line Deleted : user_pref("CT2269050.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Line Deleted : user_pref("CT2269050.RadioShrinkedFromSetup", false);
Line Deleted : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Line Deleted : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Line Deleted : user_pref("CT2269050.SavedHomepage", "hxxp://www.google.com/ig");
Line Deleted : user_pref("CT2269050.SearchCaption", "DVDVideoSoftTB Customized Web Search");
Line Deleted : user_pref("CT2269050.SearchEngineBeforeUnload", "DVDVideoSoftTB Customized Web Search");
Line Deleted : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB1&ctid=CT2269050&SearchSource=2&q=");
Line Deleted : user_pref("CT2269050.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Tue Mar 06 2012 22:37:29 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2269050.SearchProtectorEnabled", true);
Line Deleted : user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2269050.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT2269050.ServiceMapLastCheckTime", "Tue Mar 06 2012 22:37:23 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.SettingsLastCheckTime", "Wed Mar 07 2012 20:53:22 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.SettingsLastUpdate", "1330959769");
Line Deleted : user_pref("CT2269050.TBHomePageUrl", "hxxp://search.conduit.com/?SSPV=FFOB1&ctid=CT2269050&SearchSource=13");
Line Deleted : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Tue Mar 06 2012 22:37:23 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Line Deleted : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2269050.UserID", "UN11339054243698454");
Line Deleted : user_pref("CT2269050.ValidationData_Toolbar", 1);
Line Deleted : user_pref("CT2269050.WeatherNetwork", "");
Line Deleted : user_pref("CT2269050.WeatherPollDate", "Wed Mar 07 2012 22:23:25 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.WeatherUnit", "C");
Line Deleted : user_pref("CT2269050.alertChannelId", "666138");
Line Deleted : user_pref("CT2269050.autoDisableScopes", -1);
Line Deleted : user_pref("CT2269050.backendstorage.cbfirsttime", "547565204D617220303620323031322032323A33383A303120474D542D3035303020284561737465726E205374616E646172642054696D6529");
Line Deleted : user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "53756E204D617220313120323031322032323A33373A353620474D542D3034303020284561737465726E204461796C696768742054696D6529");
Line Deleted : user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Line Deleted : user_pref("CT2269050.backendstorage.url_history0001", "687474703A2F2F7777772E66616365626F6F6B2E636F6D2F3F736B3D685F636872233A3A3A636C69636B68616E646C65723A3A3A313333313136373039353730332C2C2C687474703[...]
Line Deleted : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Tue Mar 06 2012 22:37:25 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2269050.initDone", true);
Line Deleted : user_pref("CT2269050.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2269050.isFirstRadioInstallation", false);
Line Deleted : user_pref("CT2269050.myStuffEnabled", true);
Line Deleted : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2269050.navigateToUrlOnSearch", false);
Line Deleted : user_pref("CT2269050.revertSettingsEnabled", false);
Line Deleted : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2269050.testingCtid", "");
Line Deleted : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Tue Mar 06 2012 22:37:24 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Tue Mar 06 2012 22:37:28 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2269050.usagesFlag", 2);
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?SSPV=FFOB1&ctid=CT2269050&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "DVDVideoSoftTB Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050", "\"6c963622372b6e7c7a837b72019f3eff1\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", "\"1323704474\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "cTVrc75U9YwdI74PAhUYFw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"d229fa25f6c9cc1:12e4\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.250", "\"801a319dd78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050", "\"7097bb27983d23fb65dfbd9398fad22c\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"15c6875f0df8cf57859fb5c237274efb\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Wendy\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\o69n1tar.default\\conduitCommon\\modules\\3.10.0.250");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.250");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2269050");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2269050");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "98a97b6a-f826-43bc-bb0a-6a8d1ad05f89");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Mar 06 2012 22:37:28 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Mar 06 2012 23:37:38 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Mar 06 2012 22:37:23 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "403e448a-a602-4088-85de-8b64d538c507");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/ig");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "DVDVideoSoftTB Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB1&ctid=CT2269050&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=101641");
Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "7a10cf14000000000000a2004ebc253e");
Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "7a10cf14000000000000a2004ebc253e");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15363");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.171:03:54");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
 
[ File : C:\Users\Trey\AppData\Roaming\Mozilla\Firefox\Profiles\b2622qhn.default\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Wendy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Trey\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : urls_to_restore_on_startup
 
[ File : C:\Users\Get up & Get at it\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
 
*************************
 
AdwCleaner[R0].txt - [31742 octets] - [05/01/2014 10:06:49]
AdwCleaner[S0].txt - [30915 octets] - [05/01/2014 10:10:44]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30976 octets] ##########
 
 
I also ran malwarebytes... heres that report as well
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.03.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Wendy :: WENDY-VAIO [administrator]
 
1/3/2014 12:26:55 PM
mbam-log-2014-01-03 (12-26-55).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 546194
Time elapsed: 2 hour(s), 32 minute(s), 27 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 23
HKCR\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\esrv.BabylonESrvc.1 (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\esrv.BabylonESrvc (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\b (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\Typelib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\bbylnApp.appCore.1 (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\bbylnApp.appCore (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\Babylon.dskBnd.1 (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\Babylon.dskBnd (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\BabylonToolbar (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{98889811-442D-49DD-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Data: Babylon Toolbar -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0F0Q0CtG1LtH2W -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 4
C:\Users\Wendy\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Wendy\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Wendy\AppData\Roaming\OpenCandy\A09948FF054A448580166CD4EDD9F8C9 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Wendy\AppData\Roaming\OpenCandy\OpenCandy_A09948FF054A448580166CD4EDD9F8C9 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
 
Files Detected: 13
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Users\Trey\Downloads\mplayer_tuguu.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\Trey\Downloads\musicoasis_d2679793.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\Trey\Music\iTunes\iTunes Media\Automatically Add to iTunes\Not Added\2013-01-15 20.03.25\video_downloader (3).exe (PUP.BundleInstaller.VG) -> Quarantined and deleted successfully.
C:\Users\Trey\Music\iTunes\iTunes Media\Automatically Add to iTunes\Not Added\2013-01-15 20.03.25\video_downloader.exe (PUP.BundleInstaller.VG) -> Quarantined and deleted successfully.
C:\Users\Wendy\Downloads\InternationalPrimoPDF.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Wendy\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Wendy\AppData\Roaming\OpenCandy\A09948FF054A448580166CD4EDD9F8C9\nitro_pdf_reader2_x64.msi (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
 
(end)
 


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:55 AM

Posted 05 January 2014 - 10:58 AM

Also run these and let us know how it is after.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
.
.
.
.
  • Last run ESET.
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the esetonlinebtn.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 Bergie2005

Bergie2005

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:55 PM

Posted 05 January 2014 - 11:14 AM

Whoa!  Some pretty elaborate fixes here.  I ran SpyBot and did a system restore and the  problem disappeared.



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:55 AM

Posted 05 January 2014 - 11:29 AM

Glad that worked for you.

mvps.org is no longer recommending Spybot S&D (or Ad-Aware) due to poor testing results. See here - (scroll down and read under Freeware Antispyware Products). Further, most people don't understand how to use Spybot's TeaTimer and that feature can cause more problems than it's worth. TeaTimer monitors changes to certain critical keys in Windows registry but does not indicate if the change is normal or a modification made by a malware infection. The user must have an understanding of the registry and how TeaTimer works in order to make informed decisions to allow or deny the detected changes. If you don't have understanding how a particular security tool works, then you probably should not be using it. Additionally, TeaTimer may conflict with other security tools which do a much better job of protecting your computer and in some cases it will even prevent disinfection of malware by those tools.

Was once a great tool, hoping that it makes a comeback.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 dunnage82

dunnage82
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 05 January 2014 - 01:05 PM

Heres the mini toolbox results

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Wendy (administrator) on 05-01-2014 at 13:02:05
Running from "C:\Users\Wendy\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
add address name="Local Area Connection" address=192.168.137.1 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Wendy-VAIO
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : zyxel.com
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 78-84-3C-E2-28-F2
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : zyxel.com
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 90-00-4E-BC-25-3E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::54e2:6d7d:cb94:7b0f%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.63(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, January 05, 2014 10:14:23 AM
   Lease Expires . . . . . . . . . . : Sunday, January 05, 2014 2:01:25 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 244318286
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-79-3F-73-78-84-3C-E2-28-F2
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:38df:196:cd74:30c(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::38df:196:cd74:30c%15(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.zyxel.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : zyxel.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{AA64AA16-7FAE-46E0-ADDB-13D6AFDC46A9}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  NBG-416N
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4000:801::1002
 74.125.227.160
 74.125.227.162
 74.125.227.169
 74.125.227.164
 74.125.227.163
 74.125.227.166
 74.125.227.174
 74.125.227.167
 74.125.227.161
 74.125.227.165
 74.125.227.168
 
 
Pinging google.com [74.125.227.168] with 32 bytes of data:
Reply from 74.125.227.168: bytes=32 time=51ms TTL=54
Reply from 74.125.227.168: bytes=32 time=53ms TTL=54
 
Ping statistics for 74.125.227.168:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 51ms, Maximum = 53ms, Average = 52ms
Server:  NBG-416N
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=99ms TTL=46
Reply from 206.190.36.45: bytes=32 time=102ms TTL=46
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 99ms, Maximum = 102ms, Average = 100ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...78 84 3c e2 28 f2 ......Realtek PCIe GBE Family Controller
 11...90 00 4e bc 25 3e ......Atheros AR9285 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.63     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.63    281
     192.168.1.63  255.255.255.255         On-link      192.168.1.63    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.63    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.63    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.63    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 15     58 2001::/32                On-link
 15    306 2001:0:5ef5:79fd:38df:196:cd74:30c/128
                                    On-link
 11    281 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::38df:196:cd74:30c/128
                                    On-link
 11    281 fe80::54e2:6d7d:cb94:7b0f/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/05/2014 10:15:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/05/2014 09:58:48 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/04/2014 00:09:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3136
 
Error: (01/04/2014 00:09:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3136
 
Error: (01/04/2014 00:09:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2014 00:09:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2122
 
Error: (01/04/2014 00:09:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2122
 
Error: (01/04/2014 00:09:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2014 00:09:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1108
 
Error: (01/04/2014 00:09:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1108
 
 
System errors:
=============
Error: (01/05/2014 10:15:26 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (01/05/2014 10:15:21 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/05/2014 09:58:19 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (01/05/2014 09:58:16 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/05/2014 09:49:32 AM) (Source: ipnathlp) (User: )
Description: 0
 
Error: (01/03/2014 11:27:35 PM) (Source: ipnathlp) (User: )
Description: 0
 
Error: (01/03/2014 03:19:55 PM) (Source: ipnathlp) (User: )
Description: 0
 
Error: (01/03/2014 01:58:31 PM) (Source: ipnathlp) (User: )
Description: 0
 
Error: (01/03/2014 11:16:59 AM) (Source: ipnathlp) (User: )
Description: 0
 
Error: (01/03/2014 11:16:39 AM) (Source: ipnathlp) (User: )
Description: 0
 
 
Microsoft Office Sessions:
=========================
Error: (11/22/2013 09:49:39 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2123664 seconds with 9120 seconds of active time.  This session ended with a crash.
 
Error: (11/03/2013 05:03:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 3372 seconds with 1080 seconds of active time.  This session ended with a crash.
 
Error: (03/06/2012 11:09:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3084 seconds with 1020 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-14 09:37:45.254
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-14 09:37:45.191
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
3GP Player 2011 (Version: 1.3)
4660_4680_Help (Version: 1.00.0000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
6500_E709_eDocs (Version: 1.00.0000)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader X (10.1.8) MUI (Version: 10.1.8)
Alps Pointing-device for VAIO
Amazon Kindle
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.142)
ArcSoft WebCam Companion 4 (Version: 4.0.21.485)
Bing Bar (Version: 7.2.241.0)
Bonjour (Version: 3.0.0.10)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 140.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
Brother MFL-Pro Suite MFC-9325CW (Version: 2.0.1.0)
BufferChm (Version: 140.0.213.000)
Canon MP250 series MP Drivers
CCleaner (Version: 3.09)
Comcast Desktop Software (v1.2.1) (Version: 24)
Conexant HD Audio (Version: 8.54.0.53)
Coupon Printer for Windows (Version: 5.0.0.1)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 140.0.213.000)
DocMgr (Version: 140.0.65.000)
DocProc (Version: 140.0.100.000)
DriverBoost (Version: 8)
Fax (Version: 140.0.213.000)
Free YouTube to MP3 Converter version 3.10.17.221 (Version: 3.10.17.221)
Google Chrome (Version: 31.0.1650.63)
Google Desktop (Version: 5.9.1005.12335)
Google Drive (Version: 1.13.5782.599)
Google Earth (Version: 6.2.2.6613)
Google Earth Packages
Google Talk Plugin (Version: 3.9.1.9832)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.3)
GPBaseService2 (Version: 140.0.212.000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Officejet 6500 E709 Series (Version: 14.0)
HP OfficeJet J4600 All-In-One Series (Version: 14.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.003.001.001)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 140.0.213.000)
HPSSupply (Version: 140.0.212.000)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2455)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 11.0.4.4)
J4680 (Version: 140.0.000.000)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (64-bit) (Version: 6.0.220)
Java™ 6 Update 22 (Version: 6.0.220)
Junk Mail filter update (Version: 15.4.3502.0922)
LogMeIn (Version: 4.1.1868)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 140.0.214.000)
McAfee Security Scan Plus (Version: 3.0.318.3)
Media Gallery (Version: 1.5.0.16020)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
NaturalReaderFree (Version: 11.5)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Nitro Reader 3 (Version: 3.5.2.10)
Norton PC Checkup (Version: 2.0.17.20)
Norton PC Checkup (Version: 3.0.2.122.0)
Oasis2Service (Version: 1.0.4)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
OOBE (Version: 11.2.1.10)
PaperPort Image Printer 64-bit (Version: 1.00.0000)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PMB (Version: 5.5.02.12220)
PMB VAIO Edition Plug-in (Version: 1.5.00.02250)
PMB VAIO Edition Plug-in (Version: 1.5.01.04010)
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
ProductContext (Version: 140.0.000.000)
QuickBooks (Version: 19.0.4013.705)
QuickBooks (Version: 23.0.4006.2305)
QuickBooks Pro 2007 (Version: )
QuickBooks Pro 2009 (Version: 19.0.4013.705)
QuickBooks Pro 2013 (Version: 23.0.4005.2305)
QuickBooks Product Listing Service (Version: 2.0.126)
Quicken 2011 (Version: 20.1.8.6)
Quicken 2013 (Version: 22.1.12.7)
QuickTime (Version: 7.74.80.86)
Realtek PCIE Card Reader (Version: 6.1.7600.80)
Remote Keyboard (Version: 1.1.1.03020)
Remote Play with PlayStation 3 (Version: 1.1.0.15070)
Scan (Version: 140.0.167.000)
ScanSoft PaperPort 11 (Version: 11.2.0000)
Secure Download Manager (Version: 3.1.20)
Shop for HP Supplies (Version: 14.0)
SmartWebPrinting (Version: 140.0.213.000)
SolutionCenter (Version: 140.0.214.000)
Sony Corporation (Version: 1.0.0)
SSLx64 (Version: 1.0.0)
SSLx86 (Version: 1.0.0)
Status (Version: 140.0.256.000)
SupportSoft Assisted Service (Version: 15)
Tango (Version: 1.6.14117)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.213.000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO - Media Gallery (Version: 1.5.0.16020)
VAIO - PMB VAIO Edition Guide (Version: 1.5.00.02250)
VAIO - PMB VAIO Edition Plug-in (Version: 1.5.01.04060)
VAIO - Remote Keyboard (Version: 1.0.1.03020)
VAIO - Remote Play with PlayStation®3 (Version: 1.1.0.15070)
VAIO Care (Version: 6.4.2.11150)
VAIO Control Center (Version: 4.5.0.03040)
VAIO Data Restore Tool (Version: 1.6.0.13140)
VAIO Easy Connect (Version: 1.1.2.01120)
VAIO Event Service (Version: 5.5.0.03040)
VAIO Gate (Version: 2.4.1.09230)
VAIO Gate Default (Version: 2.4.0.03240)
VAIO Hardware Diagnostics (Version: 4.2.0.14280)
VAIO Help and Support (Version: 14.00.0125)
VAIO Improvement (Version: 1.0.0.14150)
VAIO Manual (Version: 2.0.0.02250)
VAIO Messenger (Version: 2.0.550.0)
VAIO Quick Web Access (Version: 1.4.5.3)
VAIO Sample Contents (Version: 1.4.0.09010)
VAIO Satisfaction Survey. (Version: 3.0)
VAIO Smart Network (Version: 3.5.0.02280)
VAIO Transfer Support (Version: 1.4.0.14230)
VAIO Update (Version: 6.1.1.10250)
VCCx86 (Version: 1.0.0)
VESx64 (Version: 1.0.0)
VESx86 (Version: 1.0.0)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
VIx64 (Version: 1.0.0)
VIx86 (Version: 1.0.0)
VSNx64 (Version: 1.0.0)
VU5x64 (Version: 1.1.0)
VU5x86 (Version: 1.0.0)
VU5x86 (Version: 1.1.0)
VWSTx86 (Version: 1.0.0)
WebReg (Version: 140.0.213.017)
Windows Driver Package - Atheros Communications Inc. (athr) Net  (11/13/2010 9.2.0.113) (Version: 11/13/2010 9.2.0.113)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 48%
Total physical RAM: 4043.86 MB
Available physical RAM: 2067.79 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 5282.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.45 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:455.34 GB) (Free:333.16 GB) NTFS
2 Drive e: (KNOCKED_UP) (CDROM) (Total:7.69 GB) (Free:0 GB) UDF
 
========================= Users: ========================================
 
User accounts for \\WENDY-VAIO
 
Administrator            ASPNET                   Get up & Get at it       
Guest                    QBDataServiceUser19      QBDataServiceUser23      
Trey                     Wendy                    
 
 
**** End of log ****


#9 dunnage82

dunnage82
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 05 January 2014 - 01:06 PM

Heres the TDSS killer report

 

13:05:32.0051 0x14f0  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
13:05:39.0593 0x14f0  ============================================================
13:05:39.0593 0x14f0  Current date / time: 2014/01/05 13:05:39.0593
13:05:39.0593 0x14f0  SystemInfo:
13:05:39.0593 0x14f0  
13:05:39.0593 0x14f0  OS Version: 6.1.7601 ServicePack: 1.0
13:05:39.0593 0x14f0  Product type: Workstation
13:05:39.0594 0x14f0  ComputerName: WENDY-VAIO
13:05:39.0595 0x14f0  UserName: Wendy
13:05:39.0595 0x14f0  Windows directory: C:\Windows
13:05:39.0595 0x14f0  System windows directory: C:\Windows
13:05:39.0595 0x14f0  Running under WOW64
13:05:39.0596 0x14f0  Processor architecture: Intel x64
13:05:39.0596 0x14f0  Number of processors: 2
13:05:39.0596 0x14f0  Page size: 0x1000
13:05:39.0596 0x14f0  Boot type: Normal boot
13:05:39.0596 0x14f0  ============================================================
13:05:42.0340 0x14f0  KLMD registered as C:\Windows\system32\drivers\02185672.sys
13:05:42.0701 0x14f0  System UUID: {BC8D3F8B-7B22-753C-7495-CB2A903AF772}
13:05:44.0048 0x14f0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:05:44.0054 0x14f0  ============================================================
13:05:44.0054 0x14f0  \Device\Harddisk0\DR0:
13:05:44.0055 0x14f0  MBR partitions:
13:05:44.0055 0x14f0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14A7000, BlocksNum 0x32000
13:05:44.0055 0x14f0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x14D9000, BlocksNum 0x38EAC830
13:05:44.0055 0x14f0  ============================================================
13:05:44.0084 0x14f0  C: <-> \Device\Harddisk0\DR0\Partition2
13:05:44.0084 0x14f0  ============================================================
13:05:44.0084 0x14f0  Initialize success
13:05:44.0084 0x14f0  ============================================================
13:05:49.0438 0x18bc  ============================================================
13:05:49.0439 0x18bc  Scan started
13:05:49.0439 0x18bc  Mode: Manual; 
13:05:49.0439 0x18bc  ============================================================
13:05:49.0439 0x18bc  KSN ping started
13:05:52.0388 0x18bc  KSN ping finished: true
13:05:53.0217 0x18bc  ================ Scan system memory ========================
13:05:53.0217 0x18bc  System memory - ok
13:05:53.0218 0x18bc  ================ Scan services =============================
13:05:53.0443 0x18bc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:05:53.0474 0x18bc  1394ohci - ok
13:05:53.0611 0x18bc  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:05:53.0621 0x18bc  ACDaemon - ok
13:05:53.0675 0x18bc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:05:53.0722 0x18bc  ACPI - ok
13:05:53.0763 0x18bc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:05:53.0769 0x18bc  AcpiPmi - ok
13:05:53.0870 0x18bc  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:05:53.0877 0x18bc  AdobeARMservice - ok
13:05:54.0002 0x18bc  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:05:54.0033 0x18bc  AdobeFlashPlayerUpdateSvc - ok
13:05:54.0118 0x18bc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:05:54.0167 0x18bc  adp94xx - ok
13:05:54.0242 0x18bc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:05:54.0276 0x18bc  adpahci - ok
13:05:54.0322 0x18bc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:05:54.0349 0x18bc  adpu320 - ok
13:05:54.0405 0x18bc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:05:54.0412 0x18bc  AeLookupSvc - ok
13:05:54.0524 0x18bc  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
13:05:54.0568 0x18bc  AFD - ok
13:05:54.0605 0x18bc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
13:05:54.0612 0x18bc  agp440 - ok
13:05:54.0641 0x18bc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
13:05:54.0648 0x18bc  ALG - ok
13:05:54.0700 0x18bc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:05:54.0704 0x18bc  aliide - ok
13:05:54.0740 0x18bc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:05:54.0744 0x18bc  amdide - ok
13:05:54.0789 0x18bc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:05:54.0796 0x18bc  AmdK8 - ok
13:05:54.0818 0x18bc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:05:54.0825 0x18bc  AmdPPM - ok
13:05:54.0873 0x18bc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:05:54.0883 0x18bc  amdsata - ok
13:05:54.0937 0x18bc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:05:54.0959 0x18bc  amdsbs - ok
13:05:54.0980 0x18bc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:05:54.0982 0x18bc  amdxata - ok
13:05:55.0037 0x18bc  [ 363571BC0C79E394E69300D1F2E3DDAE, 4C9DDB848900081D95C14026B0E7B84419867685506E616E1FDA1B79B1FD224B ] androidusb      C:\Windows\system32\Drivers\androidusb.sys
13:05:55.0042 0x18bc  androidusb - ok
13:05:55.0126 0x18bc  [ 12BFA9EC4B03CC16BB7D19BAA308AEF2, 83EE94308BBDE5FBFC9D863CB0C14AAD487DA0AF34FFA446CF9B4BE0A68254C7 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
13:05:55.0159 0x18bc  ApfiltrService - ok
13:05:55.0210 0x18bc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
13:05:55.0216 0x18bc  AppID - ok
13:05:55.0262 0x18bc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:05:55.0266 0x18bc  AppIDSvc - ok
13:05:55.0337 0x18bc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
13:05:55.0344 0x18bc  Appinfo - ok
13:05:55.0455 0x18bc  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:05:55.0462 0x18bc  Apple Mobile Device - ok
13:05:55.0505 0x18bc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
13:05:55.0514 0x18bc  arc - ok
13:05:55.0557 0x18bc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:05:55.0566 0x18bc  arcsas - ok
13:05:55.0602 0x18bc  [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
13:05:55.0606 0x18bc  ArcSoftKsUFilter - ok
13:05:55.0722 0x18bc  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:05:55.0728 0x18bc  aspnet_state - ok
13:05:55.0761 0x18bc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:05:55.0765 0x18bc  AsyncMac - ok
13:05:55.0851 0x18bc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:05:55.0855 0x18bc  atapi - ok
13:05:56.0200 0x18bc  [ E8E1AE3CAA4C7286D40715336D8A11D4, 5269BB1C8E69787618F75AA5EC64F7B8298B9DB70A88FFB0C2C9411401BD9FFB ] athr            C:\Windows\system32\DRIVERS\athrx.sys
13:05:56.0401 0x18bc  athr - ok
13:05:56.0492 0x18bc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:05:56.0548 0x18bc  AudioEndpointBuilder - ok
13:05:56.0613 0x18bc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:05:56.0655 0x18bc  AudioSrv - ok
13:05:56.0704 0x18bc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:05:56.0716 0x18bc  AxInstSV - ok
13:05:56.0782 0x18bc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:05:56.0828 0x18bc  b06bdrv - ok
13:05:56.0889 0x18bc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:05:56.0922 0x18bc  b57nd60a - ok
13:05:57.0087 0x18bc  [ 369C1928C9BBED65C9E347448BD376B0, FFADEEBD2A24EB2C362958FAE467F7B319D9AE1EE9B5724CDB6B70FBE31E6EE8 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
13:05:57.0109 0x18bc  BBSvc - ok
13:05:57.0200 0x18bc  [ 54949AFAC5CE6FA2E4D7846D4362BAB3, 1C7025FF250023991BB719C5E03C9F9EB861E08F3B11DFB2AFDC83A81F6A39DD ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
13:05:57.0231 0x18bc  BBUpdate - ok
13:05:57.0262 0x18bc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:05:57.0271 0x18bc  BDESVC - ok
13:05:57.0305 0x18bc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:05:57.0308 0x18bc  Beep - ok
13:05:57.0395 0x18bc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
13:05:57.0462 0x18bc  BFE - ok
13:05:57.0554 0x18bc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
13:05:57.0632 0x18bc  BITS - ok
13:05:57.0679 0x18bc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:05:57.0684 0x18bc  blbdrive - ok
13:05:57.0830 0x18bc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:05:57.0875 0x18bc  Bonjour Service - ok
13:05:57.0930 0x18bc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:05:57.0938 0x18bc  bowser - ok
13:05:57.0976 0x18bc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:05:57.0980 0x18bc  BrFiltLo - ok
13:05:58.0011 0x18bc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:05:58.0014 0x18bc  BrFiltUp - ok
13:05:58.0113 0x18bc  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:05:58.0123 0x18bc  BridgeMP - ok
13:05:58.0184 0x18bc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
13:05:58.0196 0x18bc  Browser - ok
13:05:58.0246 0x18bc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:05:58.0280 0x18bc  Brserid - ok
13:05:58.0319 0x18bc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:05:58.0326 0x18bc  BrSerWdm - ok
13:05:58.0338 0x18bc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:05:58.0343 0x18bc  BrUsbMdm - ok
13:05:58.0377 0x18bc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:05:58.0381 0x18bc  BrUsbSer - ok
13:05:58.0409 0x18bc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:05:58.0417 0x18bc  BTHMODEM - ok
13:05:58.0486 0x18bc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:05:58.0495 0x18bc  bthserv - ok
13:05:58.0527 0x18bc  catchme - ok
13:05:58.0578 0x18bc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:05:58.0588 0x18bc  cdfs - ok
13:05:58.0644 0x18bc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:05:58.0677 0x18bc  cdrom - ok
13:05:58.0736 0x18bc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:05:58.0744 0x18bc  CertPropSvc - ok
13:05:58.0770 0x18bc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:05:58.0775 0x18bc  circlass - ok
13:05:58.0821 0x18bc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
13:05:58.0855 0x18bc  CLFS - ok
13:05:58.0910 0x18bc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:05:58.0918 0x18bc  clr_optimization_v2.0.50727_32 - ok
13:05:58.0965 0x18bc  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:05:58.0975 0x18bc  clr_optimization_v2.0.50727_64 - ok
13:05:59.0042 0x18bc  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:05:59.0053 0x18bc  clr_optimization_v4.0.30319_32 - ok
13:05:59.0107 0x18bc  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:05:59.0120 0x18bc  clr_optimization_v4.0.30319_64 - ok
13:05:59.0154 0x18bc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:05:59.0158 0x18bc  CmBatt - ok
13:05:59.0209 0x18bc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:05:59.0213 0x18bc  cmdide - ok
13:05:59.0279 0x18bc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
13:05:59.0324 0x18bc  CNG - ok
13:05:59.0496 0x18bc  [ 1F394DF3714ED4280047810790E6DF69, 92AD804E0F0559BF76EA8DAE038B4CDE4EBB4C4BD7A53913B714BF936B03B85E ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
13:05:59.0619 0x18bc  CnxtHdAudService - ok
13:05:59.0670 0x18bc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:05:59.0672 0x18bc  Compbatt - ok
13:05:59.0714 0x18bc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:05:59.0720 0x18bc  CompositeBus - ok
13:05:59.0740 0x18bc  COMSysApp - ok
13:05:59.0767 0x18bc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:05:59.0771 0x18bc  crcdisk - ok
13:05:59.0842 0x18bc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:05:59.0864 0x18bc  CryptSvc - ok
13:05:59.0927 0x18bc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:06:00.0006 0x18bc  DcomLaunch - ok
13:06:00.0090 0x18bc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:06:00.0124 0x18bc  defragsvc - ok
13:06:00.0159 0x18bc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:06:00.0168 0x18bc  DfsC - ok
13:06:00.0219 0x18bc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:06:00.0252 0x18bc  Dhcp - ok
13:06:00.0286 0x18bc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:06:00.0290 0x18bc  discache - ok
13:06:00.0324 0x18bc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
13:06:00.0332 0x18bc  Disk - ok
13:06:00.0393 0x18bc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:06:00.0415 0x18bc  Dnscache - ok
13:06:00.0475 0x18bc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:06:00.0508 0x18bc  dot3svc - ok
13:06:00.0568 0x18bc  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
13:06:00.0590 0x18bc  Dot4 - ok
13:06:00.0625 0x18bc  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:06:00.0629 0x18bc  Dot4Print - ok
13:06:00.0681 0x18bc  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
13:06:00.0686 0x18bc  dot4usb - ok
13:06:00.0730 0x18bc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
13:06:00.0752 0x18bc  DPS - ok
13:06:00.0812 0x18bc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:06:00.0816 0x18bc  drmkaud - ok
13:06:00.0936 0x18bc  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:06:01.0021 0x18bc  DXGKrnl - ok
13:06:01.0091 0x18bc  [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
13:06:01.0126 0x18bc  e1yexpress - ok
13:06:01.0183 0x18bc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:06:01.0193 0x18bc  EapHost - ok
13:06:01.0482 0x18bc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:06:01.0744 0x18bc  ebdrv - ok
13:06:01.0793 0x18bc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
13:06:01.0800 0x18bc  EFS - ok
13:06:01.0909 0x18bc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:06:01.0964 0x18bc  ehRecvr - ok
13:06:02.0007 0x18bc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:06:02.0017 0x18bc  ehSched - ok
13:06:02.0082 0x18bc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:06:02.0125 0x18bc  elxstor - ok
13:06:02.0151 0x18bc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:06:02.0154 0x18bc  ErrDev - ok
13:06:02.0234 0x18bc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:06:02.0269 0x18bc  EventSystem - ok
13:06:02.0324 0x18bc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:06:02.0346 0x18bc  exfat - ok
13:06:02.0382 0x18bc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:06:02.0403 0x18bc  fastfat - ok
13:06:02.0482 0x18bc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
13:06:02.0538 0x18bc  Fax - ok
13:06:02.0557 0x18bc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
13:06:02.0562 0x18bc  fdc - ok
13:06:02.0579 0x18bc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:06:02.0583 0x18bc  fdPHost - ok
13:06:02.0596 0x18bc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:06:02.0602 0x18bc  FDResPub - ok
13:06:02.0639 0x18bc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:06:02.0646 0x18bc  FileInfo - ok
13:06:02.0659 0x18bc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:06:02.0665 0x18bc  Filetrace - ok
13:06:02.0707 0x18bc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:06:02.0711 0x18bc  flpydisk - ok
13:06:02.0748 0x18bc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:06:02.0782 0x18bc  FltMgr - ok
13:06:02.0925 0x18bc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
13:06:03.0026 0x18bc  FontCache - ok
13:06:03.0074 0x18bc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:06:03.0078 0x18bc  FontCache3.0.0.0 - ok
13:06:03.0101 0x18bc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:06:03.0108 0x18bc  FsDepends - ok
13:06:03.0170 0x18bc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:06:03.0174 0x18bc  Fs_Rec - ok
13:06:03.0245 0x18bc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:06:03.0283 0x18bc  fvevol - ok
13:06:03.0317 0x18bc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:06:03.0324 0x18bc  gagp30kx - ok
13:06:03.0380 0x18bc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:06:03.0385 0x18bc  GEARAspiWDM - ok
13:06:03.0480 0x18bc  [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F, 6D2B301E77839FFF1C74425B37D02C3F3837CE50E856C21AE4CF7ABABB04ADDC ] GoogleDesktopManager-051210-111108 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
13:06:03.0485 0x18bc  GoogleDesktopManager-051210-111108 - ok
13:06:03.0583 0x18bc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:06:03.0654 0x18bc  gpsvc - ok
13:06:03.0750 0x18bc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:06:03.0760 0x18bc  gupdate - ok
13:06:03.0803 0x18bc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:06:03.0811 0x18bc  gupdatem - ok
13:06:03.0870 0x18bc  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:06:03.0900 0x18bc  gusvc - ok
13:06:03.0938 0x18bc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:06:03.0944 0x18bc  hcw85cir - ok
13:06:03.0989 0x18bc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:06:04.0023 0x18bc  HdAudAddService - ok
13:06:04.0061 0x18bc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
13:06:04.0072 0x18bc  HDAudBus - ok
13:06:04.0097 0x18bc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:06:04.0102 0x18bc  HidBatt - ok
13:06:04.0122 0x18bc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:06:04.0132 0x18bc  HidBth - ok
13:06:04.0166 0x18bc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:06:04.0171 0x18bc  HidIr - ok
13:06:04.0212 0x18bc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
13:06:04.0219 0x18bc  hidserv - ok
13:06:04.0280 0x18bc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
13:06:04.0285 0x18bc  HidUsb - ok
13:06:04.0313 0x18bc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:06:04.0324 0x18bc  hkmsvc - ok
13:06:04.0362 0x18bc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:06:04.0393 0x18bc  HomeGroupListener - ok
13:06:04.0433 0x18bc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:06:04.0463 0x18bc  HomeGroupProvider - ok
13:06:04.0639 0x18bc  [ 97AAC45A375168C6A2297BEEB9692E31, 9C7285988D0C5DE8E3608F4E9F50A5C9398FFD0DA0F4C965C953859001FC76C8 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:06:04.0674 0x18bc  hpqcxs08 - ok
13:06:04.0711 0x18bc  [ 19A4FB67B1C97EA18EDFF44340973CD9, F1B6A7C1E450FF9A1D10F315F17D42DFE8390E88FF1AED4DE35237C4B81FC81D ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:06:04.0723 0x18bc  hpqddsvc - ok
13:06:04.0751 0x18bc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:06:04.0759 0x18bc  HpSAMD - ok
13:06:04.0969 0x18bc  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
13:06:05.0090 0x18bc  HPSLPSVC - ok
13:06:05.0220 0x18bc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:06:05.0294 0x18bc  HTTP - ok
13:06:05.0325 0x18bc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:06:05.0328 0x18bc  hwpolicy - ok
13:06:05.0382 0x18bc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:06:05.0392 0x18bc  i8042prt - ok
13:06:05.0450 0x18bc  [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
13:06:05.0476 0x18bc  iaStor - ok
13:06:05.0572 0x18bc  [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
13:06:05.0575 0x18bc  IAStorDataMgrSvc - ok
13:06:05.0638 0x18bc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:06:05.0673 0x18bc  iaStorV - ok
13:06:05.0909 0x18bc  [ 3A0FF117B4ADC5ABE4D968E26A337158, 95F4EB09158DD9B4927F71F83BE3A10DDD99C131C28D9683A7CCBB8C30769AB8 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
13:06:06.0102 0x18bc  IconMan_R - ok
13:06:06.0215 0x18bc  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:06:06.0282 0x18bc  idsvc - ok
13:06:06.0306 0x18bc  IEEtwCollectorService - ok
13:06:07.0287 0x18bc  [ 0BD58366C86EF9DDC4F61AFED0CADA99, 2C4ADD577872DF0E9DE7664FA4293B8E335E18055E346B5BF644544840E420EF ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:06:08.0257 0x18bc  igfx - ok
13:06:08.0386 0x18bc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:06:08.0392 0x18bc  iirsp - ok
13:06:08.0496 0x18bc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:06:08.0572 0x18bc  IKEEXT - ok
13:06:08.0657 0x18bc  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
13:06:08.0689 0x18bc  IntcDAud - ok
13:06:08.0730 0x18bc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:06:08.0734 0x18bc  intelide - ok
13:06:08.0766 0x18bc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
13:06:08.0773 0x18bc  intelppm - ok
13:06:08.0825 0x18bc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:06:08.0861 0x18bc  IPBusEnum - ok
13:06:08.0886 0x18bc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:06:08.0918 0x18bc  IpFilterDriver - ok
13:06:09.0047 0x18bc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:06:09.0114 0x18bc  iphlpsvc - ok
13:06:09.0164 0x18bc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:06:09.0172 0x18bc  IPMIDRV - ok
13:06:09.0203 0x18bc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:06:09.0213 0x18bc  IPNAT - ok
13:06:09.0302 0x18bc  [ 0FF335D687C85097725A53458160E81E, BF8BB3C8AF1822BEB5FF5F8008614B982F277D862B16B6516CA91F73D336E9D4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:06:09.0358 0x18bc  iPod Service - ok
13:06:09.0400 0x18bc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:06:09.0404 0x18bc  IRENUM - ok
13:06:09.0426 0x18bc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:06:09.0431 0x18bc  isapnp - ok
13:06:09.0485 0x18bc  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:06:09.0519 0x18bc  iScsiPrt - ok
13:06:09.0558 0x18bc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
13:06:09.0564 0x18bc  kbdclass - ok
13:06:09.0584 0x18bc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
13:06:09.0589 0x18bc  kbdhid - ok
13:06:09.0607 0x18bc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
13:06:09.0612 0x18bc  KeyIso - ok
13:06:09.0663 0x18bc  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:06:09.0671 0x18bc  KSecDD - ok
13:06:09.0699 0x18bc  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:06:09.0711 0x18bc  KSecPkg - ok
13:06:09.0748 0x18bc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:06:09.0753 0x18bc  ksthunk - ok
13:06:09.0809 0x18bc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:06:09.0853 0x18bc  KtmRm - ok
13:06:09.0917 0x18bc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:06:09.0950 0x18bc  LanmanServer - ok
13:06:09.0992 0x18bc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:06:10.0006 0x18bc  LanmanWorkstation - ok
13:06:10.0044 0x18bc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:06:10.0053 0x18bc  lltdio - ok
13:06:10.0122 0x18bc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:06:10.0167 0x18bc  lltdsvc - ok
13:06:10.0203 0x18bc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:06:10.0209 0x18bc  lmhosts - ok
13:06:10.0382 0x18bc  [ 0D24A12E77A115ED4B807A626EC039BE, A0903D55968994DC38323D4C2FCB849BEC10C718D4499CD79AF2F68838128115 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
13:06:10.0405 0x18bc  LMIGuardianSvc - ok
13:06:10.0473 0x18bc  [ 0F28935ECF1FBDEC22BAF720A5A94564, A4E8E13FD7FE1882243AD7139D5E0925F09069616920382F952D79586A4936E7 ] LMIInfo         C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
13:06:10.0475 0x18bc  LMIInfo - ok
13:06:10.0527 0x18bc  [ 777C479BBB31FD1F8ED80BAA75F4AEC1, E0711F4705BA593BA357F3403F7239102DC1B55CDCB09CEEA43F21AA69957469 ] LMIMaint        C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
13:06:10.0541 0x18bc  LMIMaint - ok
13:06:10.0599 0x18bc  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
13:06:10.0603 0x18bc  lmimirr - ok
13:06:10.0636 0x18bc  LMIRfsClientNP - ok
13:06:10.0656 0x18bc  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
13:06:10.0663 0x18bc  LMIRfsDriver - ok
13:06:10.0725 0x18bc  [ 98B16E756243BEA9410E32025B19C06F, C4F8663FF4C2F1123CC92D88004090AD06ED12FCD07706AE168333A33B269A53 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
13:06:10.0758 0x18bc  LMS - ok
13:06:10.0840 0x18bc  [ D3760BC17E1755091B7120CF32DBF56B, 2B31CA0CD838BEE0103054520E2FBEA2436A07D99E711B14543B85F3A511478F ] LogMeIn         C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
13:06:10.0865 0x18bc  LogMeIn - ok
13:06:10.0902 0x18bc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:06:10.0913 0x18bc  LSI_FC - ok
13:06:10.0942 0x18bc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:06:10.0952 0x18bc  LSI_SAS - ok
13:06:10.0978 0x18bc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:06:10.0986 0x18bc  LSI_SAS2 - ok
13:06:11.0028 0x18bc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:06:11.0039 0x18bc  LSI_SCSI - ok
13:06:11.0077 0x18bc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:06:11.0087 0x18bc  luafv - ok
13:06:11.0118 0x18bc  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:06:11.0120 0x18bc  MBAMProtector - ok
13:06:11.0192 0x18bc  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:06:11.0235 0x18bc  MBAMScheduler - ok
13:06:11.0331 0x18bc  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:06:11.0409 0x18bc  MBAMService - ok
13:06:11.0503 0x18bc  [ DDCC236009C707761D60E5C76D639176, 7D88944E4DC258C9B7B23E44CAF515BBB2A6E3831CF059AC03DF2CDB3953A04C ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
13:06:11.0533 0x18bc  McComponentHostService - ok
13:06:11.0592 0x18bc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:06:11.0602 0x18bc  Mcx2Svc - ok
13:06:11.0632 0x18bc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:06:11.0639 0x18bc  megasas - ok
13:06:11.0681 0x18bc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:06:11.0715 0x18bc  MegaSR - ok
13:06:11.0758 0x18bc  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
13:06:11.0763 0x18bc  MEIx64 - ok
13:06:11.0804 0x18bc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:06:11.0813 0x18bc  MMCSS - ok
13:06:11.0843 0x18bc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:06:11.0849 0x18bc  Modem - ok
13:06:11.0892 0x18bc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:06:11.0897 0x18bc  monitor - ok
13:06:11.0925 0x18bc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:06:11.0931 0x18bc  mouclass - ok
13:06:11.0966 0x18bc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:06:11.0971 0x18bc  mouhid - ok
13:06:11.0998 0x18bc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:06:12.0006 0x18bc  mountmgr - ok
13:06:12.0104 0x18bc  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:06:12.0116 0x18bc  MozillaMaintenance - ok
13:06:12.0178 0x18bc  [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
13:06:12.0210 0x18bc  MpFilter - ok
13:06:12.0250 0x18bc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:06:12.0272 0x18bc  mpio - ok
13:06:12.0316 0x18bc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:06:12.0326 0x18bc  mpsdrv - ok
13:06:12.0411 0x18bc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:06:12.0512 0x18bc  MpsSvc - ok
13:06:12.0557 0x18bc  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:06:12.0570 0x18bc  MRxDAV - ok
13:06:12.0625 0x18bc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:06:12.0637 0x18bc  mrxsmb - ok
13:06:12.0698 0x18bc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:06:12.0729 0x18bc  mrxsmb10 - ok
13:06:12.0758 0x18bc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:06:12.0772 0x18bc  mrxsmb20 - ok
13:06:12.0827 0x18bc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:06:12.0833 0x18bc  msahci - ok
13:06:12.0871 0x18bc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:06:12.0893 0x18bc  msdsm - ok
13:06:12.0929 0x18bc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:06:12.0951 0x18bc  MSDTC - ok
13:06:12.0991 0x18bc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:06:12.0993 0x18bc  Msfs - ok
13:06:13.0022 0x18bc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:06:13.0026 0x18bc  mshidkmdf - ok
13:06:13.0039 0x18bc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:06:13.0041 0x18bc  msisadrv - ok
13:06:13.0083 0x18bc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:06:13.0105 0x18bc  MSiSCSI - ok
13:06:13.0113 0x18bc  msiserver - ok
13:06:13.0150 0x18bc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:06:13.0154 0x18bc  MSKSSRV - ok
13:06:13.0227 0x18bc  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:06:13.0229 0x18bc  MsMpSvc - ok
13:06:13.0257 0x18bc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:06:13.0260 0x18bc  MSPCLOCK - ok
13:06:13.0281 0x18bc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:06:13.0285 0x18bc  MSPQM - ok
13:06:13.0329 0x18bc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:06:13.0371 0x18bc  MsRPC - ok
13:06:13.0411 0x18bc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:06:13.0416 0x18bc  mssmbios - ok
13:06:13.0439 0x18bc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:06:13.0443 0x18bc  MSTEE - ok
13:06:13.0467 0x18bc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:06:13.0471 0x18bc  MTConfig - ok
13:06:13.0502 0x18bc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:06:13.0508 0x18bc  Mup - ok
13:06:13.0581 0x18bc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:06:13.0636 0x18bc  napagent - ok
13:06:13.0694 0x18bc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:06:13.0727 0x18bc  NativeWifiP - ok
13:06:13.0873 0x18bc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:06:13.0973 0x18bc  NDIS - ok
13:06:14.0008 0x18bc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:06:14.0013 0x18bc  NdisCap - ok
13:06:14.0052 0x18bc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:06:14.0057 0x18bc  NdisTapi - ok
13:06:14.0084 0x18bc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:06:14.0091 0x18bc  Ndisuio - ok
13:06:14.0137 0x18bc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:06:14.0159 0x18bc  NdisWan - ok
13:06:14.0182 0x18bc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:06:14.0189 0x18bc  NDProxy - ok
13:06:14.0264 0x18bc  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:06:14.0273 0x18bc  Net Driver HPZ12 - ok
13:06:14.0301 0x18bc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:06:14.0305 0x18bc  NetBIOS - ok
13:06:14.0340 0x18bc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:06:14.0373 0x18bc  NetBT - ok
13:06:14.0394 0x18bc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
13:06:14.0399 0x18bc  Netlogon - ok
13:06:14.0453 0x18bc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:06:14.0498 0x18bc  Netman - ok
13:06:14.0559 0x18bc  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:06:14.0571 0x18bc  NetMsmqActivator - ok
13:06:14.0589 0x18bc  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:06:14.0597 0x18bc  NetPipeActivator - ok
13:06:14.0644 0x18bc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:06:14.0679 0x18bc  netprofm - ok
13:06:14.0695 0x18bc  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:06:14.0703 0x18bc  NetTcpActivator - ok
13:06:14.0718 0x18bc  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:06:14.0727 0x18bc  NetTcpPortSharing - ok
13:06:14.0770 0x18bc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:06:14.0776 0x18bc  nfrd960 - ok
13:06:14.0831 0x18bc  [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:06:14.0851 0x18bc  NisDrv - ok
13:06:14.0897 0x18bc  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
13:06:14.0931 0x18bc  NisSrv - ok
13:06:15.0053 0x18bc  [ 9ED6B2F6D9D04FB883F578ABC239EE07, F93F2AFB91AE605D96E83258F2EA20BF08E74FE8C36EEF39650F369071A080AF ] NitroReaderDriverReadSpool3 C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
13:06:15.0083 0x18bc  NitroReaderDriverReadSpool3 - ok
13:06:15.0125 0x18bc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:06:15.0159 0x18bc  NlaSvc - ok
13:06:15.0235 0x18bc  Norton PC Checkup Application Launcher - ok
13:06:15.0259 0x18bc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:06:15.0262 0x18bc  Npfs - ok
13:06:15.0290 0x18bc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:06:15.0297 0x18bc  nsi - ok
13:06:15.0308 0x18bc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:06:15.0311 0x18bc  nsiproxy - ok
13:06:15.0473 0x18bc  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:06:15.0607 0x18bc  Ntfs - ok
13:06:15.0648 0x18bc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:06:15.0652 0x18bc  Null - ok
13:06:16.0536 0x18bc  [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:06:17.0452 0x18bc  nvlddmkm - ok
13:06:17.0593 0x18bc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:06:17.0613 0x18bc  nvraid - ok
13:06:17.0646 0x18bc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:06:17.0668 0x18bc  nvstor - ok
13:06:17.0699 0x18bc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:06:17.0710 0x18bc  nv_agp - ok
13:06:17.0815 0x18bc  [ 5B4E5D841B029EDF5FFB71E50C2D2C02, 8D90CAB2CB29F5FCA50A1404B517903AE25317E3ABD2F7DEFF5D8C6DBE9D77E9 ] Oasis2Service   C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
13:06:17.0820 0x18bc  Oasis2Service - ok
13:06:17.0920 0x18bc  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:06:17.0965 0x18bc  odserv - ok
13:06:18.0000 0x18bc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:06:18.0008 0x18bc  ohci1394 - ok
13:06:18.0068 0x18bc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:06:18.0081 0x18bc  ose - ok
13:06:18.0148 0x18bc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:06:18.0186 0x18bc  p2pimsvc - ok
13:06:18.0238 0x18bc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
13:06:18.0281 0x18bc  p2psvc - ok
13:06:18.0312 0x18bc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
13:06:18.0321 0x18bc  Parport - ok
13:06:18.0369 0x18bc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:06:18.0375 0x18bc  partmgr - ok
13:06:18.0422 0x18bc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:06:18.0451 0x18bc  PcaSvc - ok
13:06:18.0528 0x18bc  [ 2F86BE1818C2D7AC90478E3323EE7FCB, CE721FCFFDC9D24483DEB6BB77DAFEBE79BA143CA2EE68BF28E2A9297AADB2D4 ] PCCUJobMgr      C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
13:06:18.0539 0x18bc  PCCUJobMgr - ok
13:06:18.0589 0x18bc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
13:06:18.0610 0x18bc  pci - ok
13:06:18.0659 0x18bc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:06:18.0663 0x18bc  pciide - ok
13:06:18.0697 0x18bc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:06:18.0729 0x18bc  pcmcia - ok
13:06:18.0757 0x18bc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:06:18.0763 0x18bc  pcw - ok
13:06:18.0819 0x18bc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:06:18.0877 0x18bc  PEAUTH - ok
13:06:18.0973 0x18bc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:06:18.0979 0x18bc  PerfHost - ok
13:06:19.0122 0x18bc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
13:06:19.0245 0x18bc  pla - ok
13:06:19.0332 0x18bc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:06:19.0378 0x18bc  PlugPlay - ok
13:06:19.0487 0x18bc  [ 63694C307273062A2167AE4CE80730EF, 788E762D02A8BE9802143361A5768364A994B20E769A9733FA5827F526432893 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
13:06:19.0534 0x18bc  PMBDeviceInfoProvider - ok
13:06:19.0621 0x18bc  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:06:19.0632 0x18bc  Pml Driver HPZ12 - ok
13:06:19.0652 0x18bc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:06:19.0661 0x18bc  PNRPAutoReg - ok
13:06:19.0713 0x18bc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:06:19.0739 0x18bc  PNRPsvc - ok
13:06:19.0804 0x18bc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:06:19.0850 0x18bc  PolicyAgent - ok
13:06:19.0895 0x18bc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
13:06:19.0917 0x18bc  Power - ok
13:06:19.0962 0x18bc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:06:19.0972 0x18bc  PptpMiniport - ok
13:06:19.0992 0x18bc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
13:06:19.0999 0x18bc  Processor - ok
13:06:20.0062 0x18bc  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:06:20.0094 0x18bc  ProfSvc - ok
13:06:20.0118 0x18bc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
13:06:20.0122 0x18bc  ProtectedStorage - ok
13:06:20.0165 0x18bc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:06:20.0175 0x18bc  Psched - ok
13:06:20.0283 0x18bc  [ B19D4B4A90D1F1FECEE721ABCD221D61, A5CBA23264B169AB42D009534458C3BD62FCA5B44768D293C56F4DBCD7A29412 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
13:06:20.0287 0x18bc  QBCFMonitorService - ok
13:06:20.0398 0x18bc  [ 6BEE1814470DC12FA20C53DFC3C97EBB, 91E8C22E54A090966E9B96395392B2C03A32DB1AF8DB2289E2EA9460F0A76C0F ] QBFCService     C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
13:06:20.0430 0x18bc  QBFCService - ok
13:06:20.0637 0x18bc  [ 0F1E2C6CD244C833388CE63FCE9BA895, 4ACBAB497DAB92F385F1D70165D27FD662931AE707E5CE64A41DC924BD35D68D ] QBVSS           C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
13:06:20.0750 0x18bc  QBVSS - ok
13:06:20.0922 0x18bc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:06:21.0038 0x18bc  ql2300 - ok
13:06:21.0075 0x18bc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:06:21.0086 0x18bc  ql40xx - ok
13:06:21.0172 0x18bc  QuickBooksDB19 - ok
13:06:21.0246 0x18bc  QuickBooksDB23 - ok
13:06:21.0293 0x18bc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
13:06:21.0327 0x18bc  QWAVE - ok
13:06:21.0359 0x18bc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:06:21.0363 0x18bc  QWAVEdrv - ok
13:06:21.0392 0x18bc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:06:21.0395 0x18bc  RasAcd - ok
13:06:21.0441 0x18bc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:06:21.0447 0x18bc  RasAgileVpn - ok
13:06:21.0467 0x18bc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
13:06:21.0480 0x18bc  RasAuto - ok
13:06:21.0513 0x18bc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:06:21.0524 0x18bc  Rasl2tp - ok
13:06:21.0578 0x18bc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
13:06:21.0621 0x18bc  RasMan - ok
13:06:21.0643 0x18bc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:06:21.0652 0x18bc  RasPppoe - ok
13:06:21.0672 0x18bc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:06:21.0681 0x18bc  RasSstp - ok
13:06:21.0732 0x18bc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:06:21.0765 0x18bc  rdbss - ok
13:06:21.0803 0x18bc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
13:06:21.0809 0x18bc  rdpbus - ok
13:06:21.0844 0x18bc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:06:21.0846 0x18bc  RDPCDD - ok
13:06:21.0874 0x18bc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:06:21.0876 0x18bc  RDPENCDD - ok
13:06:21.0909 0x18bc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:06:21.0911 0x18bc  RDPREFMP - ok
13:06:21.0970 0x18bc  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:06:21.0992 0x18bc  RDPWD - ok
13:06:22.0031 0x18bc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:06:22.0053 0x18bc  rdyboost - ok
13:06:22.0107 0x18bc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:06:22.0119 0x18bc  RemoteAccess - ok
13:06:22.0161 0x18bc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:06:22.0183 0x18bc  RemoteRegistry - ok
13:06:22.0206 0x18bc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:06:22.0216 0x18bc  RpcEptMapper - ok
13:06:22.0254 0x18bc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
13:06:22.0260 0x18bc  RpcLocator - ok
13:06:22.0314 0x18bc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
13:06:22.0348 0x18bc  RpcSs - ok
13:06:22.0412 0x18bc  [ 9D21618E7A3B2C75CF1A2ECBBE723730, BE9BDAA4EC1265A557F25AB368BE05ED72873C4AE45B6CC9111C0D12DB887F59 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
13:06:22.0445 0x18bc  RSPCIESTOR - ok
13:06:22.0487 0x18bc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:06:22.0496 0x18bc  rspndr - ok
13:06:22.0556 0x18bc  [ EA5532868BA76923D75BCB2A1448D810, C1489714C9BC95BB76134E6B8F28C5A3D044E9B2857F01BFEEEE7C8A25C74E7D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:06:22.0600 0x18bc  RTL8167 - ok
13:06:22.0638 0x18bc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
13:06:22.0643 0x18bc  SamSs - ok
13:06:22.0665 0x18bc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:06:22.0675 0x18bc  sbp2port - ok
13:06:22.0710 0x18bc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:06:22.0740 0x18bc  SCardSvr - ok
13:06:22.0760 0x18bc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:06:22.0765 0x18bc  scfilter - ok
13:06:22.0854 0x18bc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
13:06:22.0945 0x18bc  Schedule - ok
13:06:22.0982 0x18bc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:06:22.0988 0x18bc  SCPolicySvc - ok
13:06:23.0024 0x18bc  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
13:06:23.0034 0x18bc  sdbus - ok
13:06:23.0072 0x18bc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:06:23.0094 0x18bc  SDRSVC - ok
13:06:23.0130 0x18bc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:06:23.0135 0x18bc  secdrv - ok
13:06:23.0150 0x18bc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
13:06:23.0158 0x18bc  seclogon - ok
13:06:23.0178 0x18bc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
13:06:23.0188 0x18bc  SENS - ok
13:06:23.0231 0x18bc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:06:23.0239 0x18bc  SensrSvc - ok
13:06:23.0268 0x18bc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:06:23.0272 0x18bc  Serenum - ok
13:06:23.0313 0x18bc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
13:06:23.0322 0x18bc  Serial - ok
13:06:23.0361 0x18bc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:06:23.0366 0x18bc  sermouse - ok
13:06:23.0407 0x18bc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
13:06:23.0420 0x18bc  SessionEnv - ok
13:06:23.0482 0x18bc  [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP            C:\Windows\system32\drivers\SFEP.sys
13:06:23.0486 0x18bc  SFEP - ok
13:06:23.0519 0x18bc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:06:23.0524 0x18bc  sffdisk - ok
13:06:23.0543 0x18bc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:06:23.0547 0x18bc  sffp_mmc - ok
13:06:23.0579 0x18bc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:06:23.0584 0x18bc  sffp_sd - ok
13:06:23.0601 0x18bc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:06:23.0607 0x18bc  sfloppy - ok
13:06:23.0673 0x18bc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:06:23.0714 0x18bc  SharedAccess - ok
13:06:23.0771 0x18bc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:06:23.0813 0x18bc  ShellHWDetection - ok
13:06:23.0859 0x18bc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:06:23.0865 0x18bc  SiSRaid2 - ok
13:06:23.0892 0x18bc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:06:23.0901 0x18bc  SiSRaid4 - ok
13:06:23.0938 0x18bc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:06:23.0948 0x18bc  Smb - ok
13:06:24.0001 0x18bc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:06:24.0009 0x18bc  SNMPTRAP - ok
13:06:24.0091 0x18bc  [ DDF2EC98AF6FC70608A4F9CE4DB52758, A3F18822C9D0EE508CCAA5323937D631950320D9642C46FD93DB764A06A78F0D ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
13:06:24.0238 0x18bc  SOHCImp - ok
13:06:24.0264 0x18bc  [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C, E99AD063DA8E89ECD2993D1B1AAB346A3EB4E48D687E7378C03037DD00600BB8 ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
13:06:24.0369 0x18bc  SOHDs - ok
13:06:24.0490 0x18bc  [ 65E5659E9C2A0762D05657C0E22A7CA2, A6EE72878CFA901A94485C7BEC7675702ED207DB54F5A8ED70835B6A8A8F5754 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
13:06:24.0581 0x18bc  SpfService - ok
13:06:24.0619 0x18bc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:06:24.0621 0x18bc  spldr - ok
13:06:24.0704 0x18bc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
13:06:24.0760 0x18bc  Spooler - ok
13:06:25.0051 0x18bc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:06:25.0319 0x18bc  sppsvc - ok
13:06:25.0349 0x18bc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:06:25.0359 0x18bc  sppuinotify - ok
13:06:25.0431 0x18bc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:06:25.0474 0x18bc  srv - ok
13:06:25.0511 0x18bc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:06:25.0541 0x18bc  srv2 - ok
13:06:25.0572 0x18bc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:06:25.0594 0x18bc  srvnet - ok
13:06:25.0635 0x18bc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:06:25.0666 0x18bc  SSDPSRV - ok
13:06:25.0687 0x18bc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:06:25.0697 0x18bc  SstpSvc - ok
13:06:25.0727 0x18bc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:06:25.0731 0x18bc  stexstor - ok
13:06:25.0778 0x18bc  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
13:06:25.0782 0x18bc  StillCam - ok
13:06:25.0848 0x18bc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
13:06:25.0904 0x18bc  stisvc - ok
13:06:25.0940 0x18bc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
13:06:25.0944 0x18bc  swenum - ok
13:06:26.0000 0x18bc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
13:06:26.0053 0x18bc  swprv - ok
13:06:26.0208 0x18bc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
13:06:26.0342 0x18bc  SysMain - ok
13:06:26.0372 0x18bc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:06:26.0384 0x18bc  TabletInputService - ok
13:06:26.0416 0x18bc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:06:26.0450 0x18bc  TapiSrv - ok
13:06:26.0476 0x18bc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
13:06:26.0485 0x18bc  TBS - ok
13:06:26.0675 0x18bc  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:06:26.0820 0x18bc  Tcpip - ok
13:06:26.0993 0x18bc  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:06:27.0105 0x18bc  TCPIP6 - ok
13:06:27.0167 0x18bc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:06:27.0174 0x18bc  tcpipreg - ok
13:06:27.0219 0x18bc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:06:27.0225 0x18bc  TDPIPE - ok
13:06:27.0289 0x18bc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:06:27.0294 0x18bc  TDTCP - ok
13:06:27.0330 0x18bc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:06:27.0341 0x18bc  tdx - ok
13:06:27.0380 0x18bc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
13:06:27.0387 0x18bc  TermDD - ok
13:06:27.0449 0x18bc  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
13:06:27.0516 0x18bc  TermService - ok
13:06:27.0534 0x18bc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:06:27.0542 0x18bc  Themes - ok
13:06:27.0587 0x18bc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:06:27.0593 0x18bc  THREADORDER - ok
13:06:27.0634 0x18bc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:06:27.0650 0x18bc  TrkWks - ok
13:06:27.0717 0x18bc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:06:27.0740 0x18bc  TrustedInstaller - ok
13:06:27.0774 0x18bc  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:06:27.0780 0x18bc  tssecsrv - ok
13:06:27.0824 0x18bc  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:06:27.0831 0x18bc  TsUsbFlt - ok
13:06:27.0862 0x18bc  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:06:27.0867 0x18bc  TsUsbGD - ok
13:06:27.0907 0x18bc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:06:27.0918 0x18bc  tunnel - ok
13:06:27.0940 0x18bc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:06:27.0947 0x18bc  uagp35 - ok
13:06:28.0007 0x18bc  [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC, 30BD61BA46955BD6A48EC78538FAAB46026DD048347F8280352335EB0ECE16AD ] uCamMonitor     C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
13:06:28.0017 0x18bc  uCamMonitor - ok
13:06:28.0056 0x18bc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:06:28.0089 0x18bc  udfs - ok
13:06:28.0129 0x18bc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:06:28.0139 0x18bc  UI0Detect - ok
13:06:28.0163 0x18bc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:06:28.0170 0x18bc  uliagpkx - ok
13:06:28.0215 0x18bc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:06:28.0221 0x18bc  umbus - ok
13:06:28.0248 0x18bc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:06:28.0251 0x18bc  UmPass - ok
13:06:28.0505 0x18bc  [ 7A78ED1088890114DFDE2C4AB038D6B6, B52357594A90A8BCF5F96FA630F52BB1274A2FE814AF0270D21C892871D076FC ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:06:28.0705 0x18bc  UNS - ok
13:06:28.0758 0x18bc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:06:28.0800 0x18bc  upnphost - ok
13:06:28.0830 0x18bc  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:06:28.0837 0x18bc  USBAAPL64 - ok
13:06:28.0893 0x18bc  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:06:28.0903 0x18bc  usbccgp - ok
13:06:28.0948 0x18bc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:06:28.0958 0x18bc  usbcir - ok
13:06:28.0983 0x18bc  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\drivers\usbehci.sys
13:06:28.0989 0x18bc  usbehci - ok
13:06:29.0044 0x18bc  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:06:29.0077 0x18bc  usbhub - ok
13:06:29.0118 0x18bc  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:06:29.0123 0x18bc  usbohci - ok
13:06:29.0165 0x18bc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:06:29.0170 0x18bc  usbprint - ok
13:06:29.0212 0x18bc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
13:06:29.0218 0x18bc  usbscan - ok
13:06:29.0268 0x18bc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:06:29.0295 0x18bc  USBSTOR - ok
13:06:29.0325 0x18bc  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:06:29.0331 0x18bc  usbuhci - ok
13:06:29.0376 0x18bc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:06:29.0398 0x18bc  usbvideo - ok
13:06:29.0429 0x18bc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:06:29.0437 0x18bc  UxSms - ok
13:06:29.0518 0x18bc  [ DCB1F83AD167D16D263CE57C94E9EEDF, 2389268A1F83F0D354111553FB5F48E77A8FE4C0A1C22376A313A961252ED259 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
13:06:29.0523 0x18bc  VAIO Event Service - ok
13:06:29.0538 0x18bc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
13:06:29.0543 0x18bc  VaultSvc - ok
13:06:29.0657 0x18bc  [ D00058C1FFF3F3DE990444A5734E9639, 450192C5F458888D71328994E29A6CB0E04F387BF63D49E7EABA1E1AECD680F9 ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
13:06:29.0920 0x18bc  VCFw - ok
13:06:30.0059 0x18bc  [ 4B7ED2D6F738219068361BB14D19CBDE, 20A41B2D6F8423839D455A87FEDA646FFBF4CFD95928C2D410E77396CC675373 ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
13:06:30.0306 0x18bc  VcmIAlzMgr - ok
13:06:30.0402 0x18bc  [ 2F06D134554BA84FE253DBC481DCFE6D, A88780610A1B4FAFF1818CF3D86AC83B27DDDCD9CDB9F1A38C5BBFEE5632CF5E ] VcmINSMgr       C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
13:06:30.0525 0x18bc  VcmINSMgr - ok
13:06:30.0584 0x18bc  [ 32A3735F6874B7783C6209ED5CA36D9D, B6DA3D749A000D99B6F0BF475C47AC0867595B634CC6502C8758B241759F531C ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
13:06:30.0690 0x18bc  VcmXmlIfHelper - ok
13:06:30.0747 0x18bc  [ D347D3ABE070AA09C22FC37121555D52, EE62F6A3489AAA54A5E3BD6264C473EF091CF848F9047A8446D2947D79B0A672 ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
13:06:30.0751 0x18bc  VCService - ok
13:06:30.0795 0x18bc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:06:30.0800 0x18bc  vdrvroot - ok
13:06:30.0878 0x18bc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
13:06:30.0931 0x18bc  vds - ok
13:06:30.0959 0x18bc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:06:30.0964 0x18bc  vga - ok
13:06:31.0006 0x18bc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:06:31.0010 0x18bc  VgaSave - ok
13:06:31.0050 0x18bc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:06:31.0079 0x18bc  vhdmp - ok
13:06:31.0118 0x18bc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:06:31.0122 0x18bc  viaide - ok
13:06:31.0140 0x18bc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:06:31.0148 0x18bc  volmgr - ok
13:06:31.0193 0x18bc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:06:31.0227 0x18bc  volmgrx - ok
13:06:31.0263 0x18bc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:06:31.0297 0x18bc  volsnap - ok
13:06:31.0346 0x18bc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:06:31.0368 0x18bc  vsmraid - ok
13:06:31.0479 0x18bc  [ 0ED394BFBA3EB4740F063E0BA5EC7104, F8555E976DC72423D760322107A4470A7938CEAC8BE81E4B83EFCD2FA4A21816 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
13:06:31.0557 0x18bc  VSNService - ok
13:06:31.0708 0x18bc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
13:06:31.0841 0x18bc  VSS - ok
13:06:32.0021 0x18bc  [ D2D646D4D686C6996BA1FF96E11BE570, BAED2162928F9590597911DCBD92C10CC5516E35BD7ACB26150A879D2ABEC023 ] VUAgent         C:\Program Files\Sony\VAIO Update\VUAgent.exe
13:06:32.0120 0x18bc  VUAgent - ok
13:06:32.0151 0x18bc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:06:32.0155 0x18bc  vwifibus - ok
13:06:32.0190 0x18bc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:06:32.0197 0x18bc  vwififlt - ok
13:06:32.0222 0x18bc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:06:32.0227 0x18bc  vwifimp - ok
13:06:32.0267 0x18bc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:06:32.0312 0x18bc  W32Time - ok
13:06:32.0358 0x18bc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:06:32.0362 0x18bc  WacomPen - ok
13:06:32.0402 0x18bc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:06:32.0411 0x18bc  WANARP - ok
13:06:32.0424 0x18bc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:06:32.0431 0x18bc  Wanarpv6 - ok
13:06:32.0586 0x18bc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:06:32.0686 0x18bc  WatAdminSvc - ok
13:06:32.0826 0x18bc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
13:06:32.0948 0x18bc  wbengine - ok
13:06:32.0980 0x18bc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:06:33.0013 0x18bc  WbioSrvc - ok
13:06:33.0051 0x18bc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:06:33.0175 0x18bc  wcncsvc - ok
13:06:33.0208 0x18bc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:06:33.0217 0x18bc  WcsPlugInService - ok
13:06:33.0242 0x18bc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
13:06:33.0244 0x18bc  Wd - ok
13:06:33.0367 0x18bc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:06:33.0457 0x18bc  Wdf01000 - ok
13:06:33.0496 0x18bc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:06:33.0508 0x18bc  WdiServiceHost - ok
13:06:33.0532 0x18bc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:06:33.0542 0x18bc  WdiSystemHost - ok
13:06:33.0586 0x18bc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
13:06:33.0619 0x18bc  WebClient - ok
13:06:33.0664 0x18bc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:06:33.0697 0x18bc  Wecsvc - ok
13:06:33.0721 0x18bc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:06:33.0731 0x18bc  wercplsupport - ok
13:06:33.0757 0x18bc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:06:33.0767 0x18bc  WerSvc - ok
13:06:33.0814 0x18bc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:06:33.0817 0x18bc  WfpLwf - ok
13:06:33.0835 0x18bc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:06:33.0840 0x18bc  WIMMount - ok
13:06:33.0869 0x18bc  WinDefend - ok
13:06:33.0895 0x18bc  WinHttpAutoProxySvc - ok
13:06:33.0967 0x18bc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:06:33.0998 0x18bc  Winmgmt - ok
13:06:34.0161 0x18bc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:06:34.0317 0x18bc  WinRM - ok
13:06:34.0405 0x18bc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:06:34.0411 0x18bc  WinUsb - ok
13:06:34.0518 0x18bc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:06:34.0595 0x18bc  Wlansvc - ok
13:06:34.0654 0x18bc  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:06:34.0661 0x18bc  wlcrasvc - ok
13:06:34.0869 0x18bc  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:06:35.0041 0x18bc  wlidsvc - ok
13:06:35.0092 0x18bc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:06:35.0096 0x18bc  WmiAcpi - ok
13:06:35.0144 0x18bc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:06:35.0166 0x18bc  wmiApSrv - ok
13:06:35.0202 0x18bc  WMPNetworkSvc - ok
13:06:35.0291 0x18bc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:06:35.0298 0x18bc  WPCSvc - ok
13:06:35.0346 0x18bc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:06:35.0368 0x18bc  WPDBusEnum - ok
13:06:35.0404 0x18bc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:06:35.0409 0x18bc  ws2ifsl - ok
13:06:35.0446 0x18bc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:06:35.0459 0x18bc  wscsvc - ok
13:06:35.0506 0x18bc  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
13:06:35.0512 0x18bc  WSDPrintDevice - ok
13:06:35.0565 0x18bc  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\drivers\WSDScan.sys
13:06:35.0570 0x18bc  WSDScan - ok
13:06:35.0585 0x18bc  WSearch - ok
13:06:35.0810 0x18bc  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:06:36.0039 0x18bc  wuauserv - ok
13:06:36.0072 0x18bc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:06:36.0082 0x18bc  WudfPf - ok
13:06:36.0118 0x18bc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:06:36.0141 0x18bc  WUDFRd - ok
13:06:36.0167 0x18bc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:06:36.0178 0x18bc  wudfsvc - ok
13:06:36.0238 0x18bc  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:06:36.0271 0x18bc  WwanSvc - ok
13:06:36.0314 0x18bc  ================ Scan global ===============================
13:06:36.0347 0x18bc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:06:36.0407 0x18bc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:06:36.0472 0x18bc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:06:36.0515 0x18bc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:06:36.0570 0x18bc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:06:36.0609 0x18bc  [ Global ] - ok
13:06:36.0610 0x18bc  ================ Scan MBR ==================================
13:06:36.0625 0x18bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:06:36.0920 0x18bc  \Device\Harddisk0\DR0 - ok
13:06:36.0923 0x18bc  ================ Scan VBR ==================================
13:06:36.0928 0x18bc  [ C88AB694D167AC0EBA117A62B5633A1F ] \Device\Harddisk0\DR0\Partition1
13:06:36.0931 0x18bc  \Device\Harddisk0\DR0\Partition1 - ok
13:06:36.0940 0x18bc  [ E748FBAF90E2D0FB28E086D9DB4BB4CC ] \Device\Harddisk0\DR0\Partition2
13:06:36.0944 0x18bc  \Device\Harddisk0\DR0\Partition2 - ok
13:06:36.0950 0x18bc  Waiting for KSN requests completion. In queue: 117
13:06:37.0950 0x18bc  Waiting for KSN requests completion. In queue: 117
13:06:38.0950 0x18bc  Waiting for KSN requests completion. In queue: 117
13:06:39.0984 0x18bc  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
13:06:40.0057 0x18bc  Win FW state via NFP2: enabled
13:06:42.0667 0x18bc  ============================================================
13:06:42.0667 0x18bc  Scan finished
13:06:42.0668 0x18bc  ============================================================
13:06:42.0689 0x051c  Detected object count: 0
13:06:42.0689 0x051c  Actual detected object count: 0


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:55 AM

Posted 05 January 2014 - 01:21 PM

Did you run ComboFix to try to fix this or was it run at an earlier time.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 dunnage82

dunnage82
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 05 January 2014 - 01:25 PM

Here's the JRT log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Wendy on Sun 01/05/2014 at 13:10:49.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{0198A1A9-83D2-4B14-8221-D1E88DBC596F}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{03A16845-B6BA-492A-ACAE-56EAD27B245E}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{03EC5CE9-1E84-4226-B472-90754CED29D4}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{04566C38-A792-4B1D-B026-907B721DC859}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{04E6C946-1535-4259-951E-4991A28B6F7A}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{0D749F40-6CE3-41E1-82BC-0D23333E5175}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{0E220609-39AA-4DFF-A371-2BE1822ABE68}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{10DA8FAB-5BD7-4BC8-8CDE-384A7774B81F}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{1483AA53-B525-4D71-AF6E-6F0AD629D4B4}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{18C4A1C6-747D-45EA-AF49-4E37D32B5DEB}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{19198244-D3D6-453D-B447-9A842147A02B}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{19563E46-9332-481C-9315-25F674A1C35A}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{1B16E5A2-1587-4BA2-BC2B-C78CDAE8E5D3}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{1D8585D1-4F8F-4FC3-88AC-319FC3E66CA2}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{1DD22989-AB49-4F4F-B2E5-E82B4C06463F}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{25AB9407-7D8F-4231-AEC5-C5D01D8C71B8}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{274DDEBB-2D19-414C-9814-A82E0F88F5BC}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{279870EA-3F65-4022-9240-2B0A3D70A418}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{2CD61E9B-97FC-4962-B5E7-0D7402363011}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{2D375DD3-3564-4E2E-BB4F-88D565436BEE}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{2D38CE71-852A-4F1C-B8D1-661E87B5B2BD}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{2E8EE8E3-F23E-4F28-8975-F568356706B8}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{2EC7DBB1-B179-4A3E-81D9-6BC97CC075B1}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{2F4A2779-97D3-4E0B-8287-593C9D659583}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{2F9F5D5C-7C43-477A-8176-D79EA02F9D9D}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{309D8554-73EA-4897-8ED6-506EF47356A5}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{3175A84A-3CDD-473A-95D8-8DCB39AB8987}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{341FEF15-BF36-4F33-B3CC-566D75471345}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{34C246BC-6812-475F-B7C7-842297F61937}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{3B3268D9-AEC7-46DD-9FD1-2537370EC29B}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{3BEFA1AB-F04B-452E-A84A-B68CEE39769B}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{3FDF7900-653F-4C00-B551-B59D548EFD5B}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{4340EF0D-2A30-4D79-9363-21EA59B35871}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{43FB636B-06DF-41F5-9718-EDC83CF82BCD}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{4434FF95-9775-4DF5-B5E5-4E0EB10CC446}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{49BD0631-E433-45DA-9597-1AAE5CF40247}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{49D0A834-39A4-4D2E-9F6B-2F394CB2E9B7}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{543A738F-97F3-4750-8A0A-A17BC4DB4D34}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{5748BD72-627E-401D-A79A-5EFE460C5612}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{581AE52A-97B3-48F4-80CC-99D4AD925CC4}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{58594197-CB09-4379-B0D9-737CC2871715}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{595F7B1C-CD2F-45BB-93E9-2C4B6AAF6821}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{5A653880-1063-4A47-9AA2-C55227F98B57}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{5D8F4DD6-9392-47B4-B269-ABFAD82BD513}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{6011DD1F-6C2D-4007-9232-8974D1121BE1}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{6435D85F-E769-4A38-9E30-46E05CABB90A}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{65861BF1-901B-49BE-8762-8971BC6E82CC}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{65DCAA2A-BFFE-41FD-B42D-5C328A38A8B6}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{66E892D2-1EBA-4498-A90B-908E445575AD}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{66EAE0DF-5C22-4D81-8E5E-6A4CE5AAA00E}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{6850EFA8-56D9-43D9-AA36-063BC7879AFD}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{6F83C9D7-419B-4707-B2FD-A11C943D7049}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{711B032D-5083-4DCF-9793-F6793EEDBA4E}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{723C0433-366D-40E0-9FD2-E65A4B7A6217}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{72FC080D-77E8-4A1F-BB19-EFFA00854C16}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{759CA84C-916B-488A-81E5-A2D7B95D1B0B}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{781AE6D9-96BC-4396-BBE7-86B8C0869A4E}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{7966EF1E-9E05-45D2-802A-C8B87940EB9A}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{7BAD48F1-8248-4389-A5FD-F11184326AEA}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{7C43E791-D67D-4BA2-A81C-31E5D67765EF}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{7FFCA1A8-BB0D-4CBC-A1C8-559E0F2AB6F3}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{80906A25-5B04-4F47-9A70-A4D538D45CB1}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{80940872-025A-46E9-B45E-A9985765094A}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{868D7CC3-2776-422B-AFC0-5328A81E7AEA}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{8734098F-62FA-4825-BCDC-8999B4BC4A42}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{8CF6C78E-DB6C-41AC-B9A3-0E09B87DC60B}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{906B198D-805B-4C0A-B603-3DFE89893F3C}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{90F02F7F-68CF-424A-BD60-66943BE22EDB}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{92016A82-F4AB-4BBF-9130-66A94EAD96A8}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{9256848F-0A55-4E96-9780-AC09A3AE8C9A}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{92B4AC00-F786-4ED0-B65E-7C369B80ADC8}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{93A2D371-DF5D-4D76-9BBC-10C41DE1DED5}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{93E530F7-475C-453A-BFD2-66639E6818FF}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{97EF6241-E68D-4D3D-8984-5AB47B9819D6}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{98B0A705-265D-4CE7-8A6B-DE7A47C03605}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{9A305F77-DB29-40AC-ADF9-C76A4D7028C1}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{9ED3FDD5-30BB-4CFF-BB4D-D2127AED11C6}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{9F053F8B-6D48-4A2C-A09E-A6ABFBF85B9F}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{A24F9128-A692-416E-8F3A-005FEF8EBFDE}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{A3D67A54-687E-4B82-A947-3FD7AACF26B1}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{A9387411-8C2A-4165-99CD-8570CBB17F61}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{B306B089-D0D5-4192-AE06-E82EBBFC149F}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{B580F94F-1E75-433C-9756-A54ADBE9C869}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{B7A48C8B-AC8B-4DC6-946A-B99E06999086}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{B89A9321-BCBA-49DA-B491-B3B16650D09A}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{BA7FAE86-1C2E-47F3-A38C-77A0D87B752E}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{BCFD8E5E-EFCD-4799-AE07-81B19E22327F}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{C0C77AEF-6017-4EB8-9418-845B618ACDD6}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{C4963835-4906-4D6E-965F-DE76A7F04530}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{C65344DD-B34C-429A-BF86-7864616D43FB}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{CFF6A96A-E3BE-43C6-89EA-01D2DE00CBCD}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{D1CFEFCE-0C6F-466D-88B8-5EB332F1C921}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{D594B685-3D70-4FD8-B903-03F69572CCA2}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{DB5987F9-C621-4479-ABE9-82A8FE7D4F1E}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{DBE3B6D8-74C5-4C54-BEEB-CDFF6DC7EB28}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{E289FE5F-E70A-45B7-9E7B-CA95C7AD39BE}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{E3490554-1EF7-42A4-9B30-5EF3A4A2C2D5}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{E51382AB-E98B-4CE1-8690-56A848E0B3C1}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{EB3521CD-EED7-4608-8611-6D1BC28DD497}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{EB7F211A-D352-4137-8207-AC18D214BB9C}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{EBC5D2DA-C400-4FBD-8636-9954C56B6D3E}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{EC1A8D36-D92D-4B09-913B-3BF07C4A1643}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{ECB57013-3816-4B46-BB26-2FE8055DD6A5}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{F03E706E-F6D1-4CE4-8035-BC809BA34901}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{F18230AE-D1ED-4F5F-933F-0EF51497428C}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{F1C7CD2D-9B40-4826-8D57-C63DA8916511}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{F5E385B3-EAA6-45A8-BCBB-6F2A81F0585C}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{F8FCA92B-7C29-4573-9857-29E96094A1C4}
Successfully deleted: [Empty Folder] C:\Users\Wendy\appdata\local\{F9A89E3F-7AFD-4DD5-A2A2-A078B726AC1C}
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Wendy\AppData\Roaming\mozilla\firefox\profiles\o69n1tar.default\minidumps [17 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 01/05/2014 at 13:24:46.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users