Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible keylogger virus


  • Please log in to reply
20 replies to this topic

#1 Slow Mo

Slow Mo

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 06 January 2014 - 06:44 PM

I am having a problem that I am trying to clear up before it causes real damage. I believe the problem started with a Facebook game (Slotomania) and it appears to be isolated to this, but after researching a little I see that these types of viruses can allow a hacker to access personal banking info as well so it has me a little nervous as I had used my laptop for banking transactions as well.

 

What is happening is that when I sign into my FB account to play certain slot machine games, it looks like someone else is actually playing on my account. At times, it almost looks like Timbuktu, when you can actually see the reels being pressed, but I haven't pressed anything. Most times, I will play the game and leave credits there while I go to bed, and the next day (after I haven't played at all), someone has played all the credits.

 

I have emailed their customer support, and they are saying I probably have a virus on my laptop and suggested that I try a anti-virus remover that can get rid of a keylogger virus.

 

My laptop is a Toshiba Satellite A505, running Windows 7.

 

I have changed my Facebook password, and changed the security settings to require a code from my phone to sign into my account. I have changed my email password as well. All of these changes were made on my I pad (as I don't believe the virus stems from there). I have also changed my passwords to other sensitive (CC, banking) accounts from a different computer.

 

I have scanned with Malware Bytes,and Spu Bot Search and Destroy. I previously had the McAfee Anti-Virus software (from AT&T Uverse) installed, but switched to Microsoft Security Essentials on the recommendation of a friend. I also have run a full system scan with MSE that found no errors. When running scans, I get the usual registry errors, etc, but nothing that actually said I had a virus. I have run the scans several times over the past 10 days, and they are saying they have found nothing. As recently as today, the issue is still occurring with the credits disappearing from my games.

 

 



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:30 PM

Posted 09 January 2014 - 02:02 PM

Remove spybot search and destroy from your machine and see below.

 

 

Step 1

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

Step 2

 

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3.

 

 

Please download HitmanPro. to your desktop.

  • Launch the program by double clicking on HitmanPro.exe. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).
  • Click on the next button. You must agree with the terms of EULA.
  • Check the box beside "No, I only want to perform a one-time scan to check this computer".
  • Click on the next button.
  • The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
  • Click on the next button and choose the option activate free license
  • Click on the next button and the infections where will be deleted.
  • Click now on the Save Log option and save this log to your desktop.
  • Click on the next button and restart the computer.
  • Copy the information of HitmanPro_20130116_1239.log in your next reply

Step 4.

 

Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



#3 Slow Mo

Slow Mo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 10 January 2014 - 01:22 AM

ADW cleaner:

 

# AdwCleaner v3.016 - Report created 10/01/2014 at 00:43:36
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Teresa - TERESA-LAPTOP
# Running from : C:\Users\Teresa\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack
Service Deleted : CltMngSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Searchprotect
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\sweetpacks bundle uninstaller
Folder Deleted : C:\windows\SysWOW64\Searchprotect
Folder Deleted : C:\Users\Teresa\AppData\Local\Searchprotect
Folder Deleted : C:\Users\Teresa\AppData\Local\Surf_Canyon
Folder Deleted : C:\Users\Teresa\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Teresa\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Teresa\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Teresa\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Teresa\Documents\PC Speed Maximizer
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\Teresa\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
File Deleted : C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : HKLM\SOFTWARE\Classes\.bgl
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Updater]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Surf Canyon
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Surf Canyon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SPD8846E6F-449C-4456-A740-F52723E36E48");
Line Deleted : user_pref("extensions.crossrider.bic", "1434b9127f903376ce9a19b58633df7b");

*************************

AdwCleaner[R0].txt - [4722 octets] - [10/01/2014 00:42:23]
AdwCleaner[S0].txt - [4338 octets] - [10/01/2014 00:43:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4398 octets] ##########

 

Junkware Removal Tool:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Teresa on Fri 01/10/2014 at  0:51:11.35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E200777F-B47C-4B7B-9D58-F8AB0E6CB489}



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\fighters"
Failed to delete: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\Teresa\appdata\locallow\surfcanyon"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetpacks"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Teresa\appdata\local\{68FD2FAC-D51D-4841-BE61-C35B54B369E7}
Successfully deleted: [Empty Folder] C:\Users\Teresa\appdata\local\{CC05E48D-15A8-4E51-B933-62C430B87DDE}



~~~ FireFox

Emptied folder: C:\Users\Teresa\AppData\Roaming\mozilla\firefox\profiles\u89nc3bp.default-1385951061197\minidumps [8 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/10/2014 at  1:01:46.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hitman Pro:

 

HitmanPro 3.7.8.208
www.hitmanpro.com

   Computer name . . . . : TERESA-LAPTOP
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : Teresa-laptop\Teresa
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2014-01-10 01:05:13
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 57s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 42

   Objects scanned . . . : 1,619,425
   Files scanned . . . . : 25,008
   Remnants scanned  . . : 417,005 files / 1,177,412 keys

Malware _____________________________________________________________________

   C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer2\Setup (8).exe -> Quarantined
      Size . . . . . . . : 4,044,976 bytes
      Age  . . . . . . . : 0.0 days (2014-01-10 00:25:59)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 59FD048A16B9A05EB15AB61524F425EFD71089C94DE74B19E290A5AAE6C727E7
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Bitdefender  . . . : Adware.Agent.NVF
      Fuzzy  . . . . . . : 109.0
      Forensic Cluster
         -57.4s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\
         -57.4s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\System.dll
         -56.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{58840CEC-712B-40A1-8D3C-432CDE4D5028}
         -56.7s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\webapphost.dll
         -49.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DM_loader.gif
         -49.8s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DownloadACC.dll
         -49.7s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\Failed.htm
         -49.6s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\icon.png
         -49.6s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\OCSetupHlp.dll
         -49.3s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\BunndleOfferManager.dll
         -49.2s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\ProxyInstallerDir\
         -49.2s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\ProxyInstallerDir\ProxyInstaller.exe
         -43.6s C:\Users\Teresa\AppData\Local\Temp\~DF4A23B2249C15262F.TMP
         -43.0s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\client_xml.xml
         -41.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\offer.xml
         -41.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9K0N2FRD\846620[1].htm
         -41.1s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9K0N2FRD\846620[2].htm
         -40.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9K0N2FRD\X[1].png
         -40.1s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\-[1].png
         -39.8s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\video_c_s[1].jpg
         -39.7s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\video_c_l[1].jpg
         -39.5s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A8QKB6U\button[1].png
         -39.3s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9K0N2FRD\CancelBGGoogleDialog[1].png
         -39.3s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9K0N2FRD\NextButton_Sprite%20wide[1].png
         -39.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\CancelBG[1].png
         -39.1s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A8QKB6U\BoxBgNew[1].png
         -39.1s C:\Users\Teresa\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014011020140111\
         -39.1s C:\Users\Teresa\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014011020140111\container.dat
         -39.0s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\InstallationSuccessful[1].png
         -38.7s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\xml.dll
         -38.1s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\nsArray.dll
         -36.6s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\wajam_validate.exe
         -36.6s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\wajam_validate.exe
         -35.0s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\Uninstaller.exe
         -34.6s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\911976[1].htm
         -34.3s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\GenericUninstall.exe
         -34.1s C:\AdwCleaner\Quarantine\C\Program Files (x86)\sweetpacks bundle uninstaller\uninstaller.exe.vir
         -34.0s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A8QKB6U\X[1].png
         -33.9s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\-[2].png
         -33.9s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\BoxBgNew[1].png
         -33.8s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A8QKB6U\CancelBGGoogleDialog[1].png
         -33.8s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A8QKB6U\NextButton_Sprite-wide-grey[1].png
         -33.3s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9K0N2FRD\NextButton_Sprite%20wide[2].png
         -33.3s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9K0N2FRD\GoogleAdWordsCheckbox[1].htm
         -33.3s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9K0N2FRD\button[1].png
         -33.3s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\CancelBG[2].png
         -24.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\heartbeat\130338051354916627
         -22.0s C:\Users\Teresa\AppData\Local\Temp\CT3323737\
         -22.0s C:\Users\Teresa\AppData\Local\Temp\CT3323737\ddt.csf
         -21.7s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\825467[1].htm
         -21.4s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\1b388b5c-3a9b-4d1f-913f-34b14c9269b5[1].png
         -21.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\NextButton_Sprite-wide-dark[1].png
         -20.0s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A8QKB6U\923109[1].htm
         -18.8s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\PC_Fix_Speed_offer[1].htm
         -18.5s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\PC_Fix_Speed_offer[1].jpg
         -18.0s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A8QKB6U\nr-100[1].js
         -15.0s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9K0N2FRD\919447[1].htm
         -14.4s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\7e2cfa0e-839e-43f9-a3c9-340364110ed3[1].png
         -10.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_AC2ECB4F6C4584FD21471BFBD9E27ABF
         -10.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_AC2ECB4F6C4584FD21471BFBD9E27ABF
         -10.0s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer1\
         -10.0s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\ProxyInstallerDir\SecondOffer1.exe.ini
         -9.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer2\
         -9.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\ProxyInstallerDir\SecondOffer2.exe.ini
         -9.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer3\
         -9.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\ProxyInstallerDir\SecondOffer3.exe.ini
         -9.8s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\
         -9.8s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\ProxyInstallerDir\MainOffer.exe.ini
         -9.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{3FD0CADF-1988-4912-8CD9-A3FA7BEC82DA}
         -8.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{E5BB6452-FC26-412C-A8D8-7250ED465ABD}
         -8.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{E5BB6452-FC26-412C-A8D8-7250ED465ABD}
         -8.6s C:\Users\Teresa\AppData\Local\Temp\nszFDEF.tmp\
         -8.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{EDD2E51D-6A2C-458A-9DD5-1A2E977BCC0B}
         -8.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{4E05E359-7FAD-4A05-8C18-96E0D78DFF51}
         -8.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{3D2E2DB8-3C6C-4386-A38B-8F677E86BA14}
         -8.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{3D2E2DB8-3C6C-4386-A38B-8F677E86BA14}
         -8.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{3D2E2DB8-3C6C-4386-A38B-8F677E86BA14}
         -7.8s C:\Users\Teresa\AppData\Local\Temp\nszFDEF.tmp\System.dll
         -7.8s C:\Users\Teresa\AppData\Local\Temp\nszFDEF.tmp\System.dll
         -7.8s C:\Users\Teresa\AppData\Local\Temp\nszFDEF.tmp\System.dll
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.9s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\MainOffer\VideoConverterSetup.exe
         -3.8s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer1\sp-downloader.exe
         -3.8s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer1\sp-downloader.exe
         -3.8s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer1\sp-downloader.exe
         -3.8s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer1\sp-downloader.exe
         -0.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{7C23329A-BEB1-4C9B-BEC3-C46496CBA35D}
          0.0s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer2\Setup (8).exe
          4.3s C:\Users\Teresa\AppData\Local\Temp\nsz3036.tmp
          8.7s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\spstub[1].exe
         10.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{E1E721CC-D552-4676-AEAF-BF57B07B29F5}
         10.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{88739CD1-72AB-4896-8D90-CB7F03430921}
         10.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{88739CD1-72AB-4896-8D90-CB7F03430921}
         10.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{88739CD1-72AB-4896-8D90-CB7F03430921}
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         15.8s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPacks\
         18.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{36CE8DA0-BE4C-418B-B1E0-E7348DF2DC97}
         18.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{36CE8DA0-BE4C-418B-B1E0-E7348DF2DC97}
         18.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{36CE8DA0-BE4C-418B-B1E0-E7348DF2DC97}
         18.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{36CE8DA0-BE4C-418B-B1E0-E7348DF2DC97}
         18.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{36CE8DA0-BE4C-418B-B1E0-E7348DF2DC97}
         27.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{FF33FA50-9872-4695-9BD0-B78F38E9B57C}
         32.1s C:\Users\Teresa\AppData\Local\Temp\nsf9CCE.tmp
         34.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_1813C2B134B4B5FA7FD621F5FF2C9DB2
         34.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_1813C2B134B4B5FA7FD621F5FF2C9DB2
         34.3s C:\Program Files (x86)\Emsisoft Anti-Malware\Quarantine\54942ec9-f83d-4911-86a1-f2a3e02c138f.EQF
         34.3s C:\Program Files (x86)\Emsisoft Anti-Malware\Quarantine\54942ec9-f83d-4911-86a1-f2a3e02c138f.EQF
         34.3s C:\Program Files (x86)\Emsisoft Anti-Malware\Quarantine\54942ec9-f83d-4911-86a1-f2a3e02c138f.EQF
         34.3s C:\Program Files (x86)\Emsisoft Anti-Malware\Quarantine\54942ec9-f83d-4911-86a1-f2a3e02c138f.EQF
         34.3s C:\Program Files (x86)\Emsisoft Anti-Malware\Quarantine\54942ec9-f83d-4911-86a1-f2a3e02c138f.EQF
         34.3s C:\Program Files (x86)\Emsisoft Anti-Malware\Quarantine\54942ec9-f83d-4911-86a1-f2a3e02c138f.EQF
         34.3s C:\Program Files (x86)\Emsisoft Anti-Malware\Quarantine\54942ec9-f83d-4911-86a1-f2a3e02c138f.EQF
         34.3s C:\Program Files (x86)\Emsisoft Anti-Malware\Quarantine\54942ec9-f83d-4911-86a1-f2a3e02c138f.EQF
         34.3s C:\Program Files (x86)\Emsisoft Anti-Malware\Quarantine\54942ec9-f83d-4911-86a1-f2a3e02c138f.EQF
         37.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe
         37.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe
         37.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe
         37.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe
         37.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe
         37.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe
         37.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe
         37.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe
         37.2s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe
         40.4s C:\ProgramData\Updater\
         43.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{50493D95-11EC-489D-9C40-8C999CAE0D9C}
         44.1s C:\ProgramData\RHelpers\
         44.1s C:\ProgramData\RHelpers\
         44.1s C:\ProgramData\RHelpers\ChromeHelper\
         44.1s C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
         46.1s C:\Program Files (x86)\Emsisoft Anti-Malware\Quarantine\2834b748-91a4-44c0-bd2f-2a986ef4225b.EQF
         46.8s C:\ProgramData\RHelpers\FirefoxHelper\
         46.8s C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe
         48.8s C:\ProgramData\RHelpers\IeHelper\
         48.8s C:\ProgramData\RHelpers\IeHelper\IeHelper.exe
         50.8s C:\ProgramData\Updater\Uninstall.exe
         52.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpasdlta.vdm
         52.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{27B4E34B-FE4C-4A50-9EE1-7AC4DF21148E}
         52.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{27B4E34B-FE4C-4A50-9EE1-7AC4DF21148E}
         53.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{09E243B2-4463-484E-B393-121D12665C4E}
         53.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{CD0EF665-1A8B-4D4F-B9A5-82816067B26E}
         56.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{68CF9A63-2A89-4F77-AAAB-1B30540DD1A2}
         59.2s C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\rep\SystemRepository.dat.vir
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpavdlta.vdm
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpavdlta.vdm
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpavdlta.vdm
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpavdlta.vdm
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpavdlta.vdm
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpavdlta.vdm
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpavdlta.vdm
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpavdlta.vdm
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpavdlta.vdm
         65.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\
         65.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\
         65.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\
         65.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpengine.dll
         65.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpengine.dll
         65.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpengine.dll
         65.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpengine.dll
         65.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpengine.dll
         65.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpengine.dll
         65.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B6F0227-0A44-4F44-9E64-58FA2A6632BF}\mpengine.dll
         76.8s C:\Users\Teresa\AppData\Local\Temp\nsk4B83.tmp
         82.9s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\2.9.8[1].json
         82.9s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\2.9.8[1].json
         82.9s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\2.9.8[1].json
         95.3s C:\Users\Teresa\AppData\Local\Temp\nsf939B.tmp
         95.3s C:\Users\Teresa\AppData\Local\Temp\nsf939B.exe
         96.4s C:\Users\Teresa\AppData\Local\Temp\nsv983E.tmp
         96.4s C:\Users\Teresa\AppData\Local\Temp\nsv983E.tmp
         96.4s C:\Users\Teresa\AppData\Local\Temp\nsv983E.tmp
         96.4s C:\Users\Teresa\AppData\Local\Temp\nsv983E.exe
         97.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{574E1B4E-7F1A-4279-88D6-739663EA6172}
         98.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56F8648-8234-44A1-B283-2ACAB47B53E9}
         98.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56F8648-8234-44A1-B283-2ACAB47B53E9}
         98.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56F8648-8234-44A1-B283-2ACAB47B53E9}
         98.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56F8648-8234-44A1-B283-2ACAB47B53E9}
         100.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_21B0B75C4EFB1E4DC408C2B97717A9A4
         100.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_21B0B75C4EFB1E4DC408C2B97717A9A4
         100.1s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_21B0B75C4EFB1E4DC408C2B97717A9A4
         109.3s C:\AdwCleaner\Quarantine\C\Users\Teresa\AppData\Local\Searchprotect\SearchProtect\rep\UserRepository.dat.vir
         110.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{19E89282-BF45-45C5-9884-9461EC525621}
         111.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{FC9B24E8-2270-494B-B06B-8C82A387B47F}
         112.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{BB8A9694-3920-4610-9924-8406D20B6C4F}
         115.3s C:\AdwCleaner\Quarantine\C\Users\Teresa\AppData\Local\Searchprotect\UI\rep\UIRepository.dat.vir
         117.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin
         122.6s C:\AdwCleaner\Quarantine\C\Users\Teresa\AppData\Local\Searchprotect\SearchProtect\rep\UserSettings.dat.vir
         123.5s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_FirefoxHelper.ex_478c848b28df34ffa75e14eb1c7fb7d5310365_0f5a01b5\
         123.5s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_FirefoxHelper.ex_478c848b28df34ffa75e14eb1c7fb7d5310365_0f5a01b5\Report.wer
         123.7s C:\Users\Teresa\AppData\Local\CrashDumps\FirefoxHelper.exe.2612.dmp
         128.1s C:\ProgramData\Spybot - Search & Destroy\Configuration.ini
         129.8s C:\Users\Teresa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\04AFA8793E5CDC4A81C6CD4554A30707
         129.8s C:\Users\Teresa\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\04AFA8793E5CDC4A81C6CD4554A30707
         130.8s C:\Users\Teresa\AppData\Local\Temp\nsa1E20.tmp
         130.8s C:\Users\Teresa\AppData\Local\Temp\nsa1E20.exe
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.2s C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-c5dbe61d-10b5-4901-a0d0-ef8ed2140110.txt
         132.8s C:\Users\Teresa\AppData\Local\Temp\nsq261D.tmp
         132.8s C:\Users\Teresa\AppData\Local\Temp\nsq261D.exe
         132.8s C:\Users\Teresa\AppData\Local\Temp\nsq261D.exe
         132.8s C:\Users\Teresa\AppData\Local\Temp\nsq261D.exe
         132.8s C:\Users\Teresa\AppData\Local\Temp\nsq261D.exe
         134.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{73606CC4-68A7-4AAD-A5E3-33F430456ECD}
         134.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{67948FAF-1755-4B4F-A788-E139355297E3}
         135.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F2CCB90E-E7C1-429F-93EB-47F5A2BE69FB}
         135.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F2CCB90E-E7C1-429F-93EB-47F5A2BE69FB}
         135.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F2CCB90E-E7C1-429F-93EB-47F5A2BE69FB}
         135.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F2CCB90E-E7C1-429F-93EB-47F5A2BE69FB}
         138.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.67
         153.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE0
         153.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE0
         170.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F594A03E-4EE6-46AA-BCA2-35593937199B}
         170.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F594A03E-4EE6-46AA-BCA2-35593937199B}
         170.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F594A03E-4EE6-46AA-BCA2-35593937199B}
         170.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F594A03E-4EE6-46AA-BCA2-35593937199B}
         170.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F594A03E-4EE6-46AA-BCA2-35593937199B}
         170.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F594A03E-4EE6-46AA-BCA2-35593937199B}
         170.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F594A03E-4EE6-46AA-BCA2-35593937199B}
         173.7s C:\Users\Teresa\AppData\Local\Temp\tmp00003650\
         173.7s C:\Users\Teresa\AppData\Local\Temp\tmp00003650\tmp00000000
         177.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE1
         177.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE1
         177.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE1
         177.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE1
         177.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE1
         177.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE1
         177.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE1
         177.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE1
         177.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VE1
         177.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.7E
         177.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.7E
         177.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.7E
         177.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.7E
         177.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.7E
         177.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.7E
         177.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.7E
         177.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.7E
         177.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.7E
         177.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.7E
         177.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.80
         177.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.80
         177.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.80
         178.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.87
         179.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.A0
         179.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.A0
         179.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.VF
         179.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.CB
         179.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.CB
         179.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-83BD57769E056A8E2D0AAE9217DDB5A914400FB2.bin.CC
         196.4s C:\ProgramData\Updater\updater.exe
         196.4s C:\ProgramData\Updater\updater.exe
         196.4s C:\ProgramData\Updater\updater.exe
         199.9s C:\ProgramData\Updater\_updater.exe
         203.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{CCDF3955-2EA6-4860-98AA-F8284BDD58A6}
         203.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{CCDF3955-2EA6-4860-98AA-F8284BDD58A6}
         203.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{CCDF3955-2EA6-4860-98AA-F8284BDD58A6}
         205.7s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A8QKB6U\Check[1].xml
         210.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{A0615AFF-D691-4D6D-BC99-E5284970779F}
         211.2s C:\Users\Teresa\AppData\Local\Temp\s5f0\
         212.5s C:\Users\Teresa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U49WRZEG\Setup[1].exe
         212.7s C:\Users\Teresa\AppData\Local\Temp\s5f0\Setup.exe
         212.7s C:\Users\Teresa\AppData\Local\Temp\s5f0\Setup.exe
         212.7s C:\Users\Teresa\AppData\Local\Temp\s5f0\Setup.exe
         212.7s C:\Users\Teresa\AppData\Local\Temp\s5f0\Setup.exe
         212.7s C:\Users\Teresa\AppData\Local\Temp\s5f0\Setup.exe
         212.7s C:\Users\Teresa\AppData\Local\Temp\s5f0\Setup.exe
         226.3s C:\Users\Teresa\AppData\Local\Temp\nsb93A8.tmp\
         226.3s C:\Users\Teresa\AppData\Local\Temp\nsb93A8.tmp\System.dll
         226.4s C:\Users\Teresa\AppData\Local\Temp\nsb93A8.tmp\Helper.dll
         226.6s C:\Users\Teresa\AppData\Local\Temp\nsb93A8.tmp\version.dll
         226.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{37FA85BC-B050-4D03-9412-3A0B17B9AEE2}
         230.9s C:\ProgramData\InternetUpdater\
         230.9s C:\ProgramData\InternetUpdater\InternetUpdater.ico
         231.0s C:\ProgramData\InternetUpdater\Uninstall.exe
         231.4s C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
         231.8s C:\ProgramData\InternetUpdater\InternetUpdaterService.exe.config
         231.9s C:\Users\Teresa\AppData\Local\Temp\nsb93A8.tmp\nsExec.dll
         236.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{AA70BB40-32CE-4F02-B71D-371CEC70CB27}
         236.9s C:\ProgramData\InternetUpdater\app.dat
         237.3s C:\ProgramData\InternetUpdater\data.dat
         237.3s C:\ProgramData\InternetUpdater\data.dat-journal
         239.2s C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\StdUtils.dll

   C:\Users\Teresa\Downloads\mozilla firefox setup.exe -> Quarantined
      Size . . . . . . . : 606,104 bytes
      Age  . . . . . . . : 3.1 days (2014-01-06 21:47:37)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 29DE3645819D442C569E0C7BDD0C268327FEF4151ECE41099DD802C17354EA8C
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.Agent.beao
      Fuzzy  . . . . . . : 109.0


Cookies _____________________________________________________________________

   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:2o7.net
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:adlegend.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:ads.mlive.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:ads.pointroll.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:ads.pubmatic.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:ads.undertone.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:ads.yahoo.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:adtech.de
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:adtechus.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:advertising.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:at.atwola.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:atdmt.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:bmwmoter.122.2o7.net
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:burstnet.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:casalemedia.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:collective-media.net
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:doubleclick.net
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:gntbcstglobal.112.2o7.net
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:interclick.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:invitemedia.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:kontera.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:media6degrees.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:mediaplex.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:network.realmedia.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:oasn04.247realmedia.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:overture.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:pointroll.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:questionmarket.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:realmedia.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:revsci.net
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:ru4.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:smartadserver.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:tacoda.at.atwola.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:tribalfusion.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:ww251.smartadserver.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:www.googleadservices.com
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:yieldmanager.net
   C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\u89nc3bp.default-1385951061197\cookies.sqlite:zedo.com
 

Mini Toolbox:

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Teresa (administrator) on 10-01-2014 at 01:14:56
Running from "C:\Users\Teresa\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
PdaNet Broadband Adapter = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Teresa-laptop
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-26-B6-1F-11-B8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : PdaNet Broadband Adapter
   Physical Address. . . . . . . . . : 00-26-37-BD-39-42
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 00-26-B6-1F-11-B8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f0c9:935c:c65:56d5%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.69(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, January 10, 2014 12:45:01 AM
   Lease Expires . . . . . . . . . . : Saturday, January 11, 2014 12:45:04 AM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 301999798
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-43-FA-67-00-1E-33-F5-83-37
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-1E-33-F5-83-37
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:283d:23ed:9c93:28c1(Preferred)
   Link-local IPv6 Address . . . . . : fe80::283d:23ed:9c93:28c1%28(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  homeportal
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4009:800::1006
      74.125.225.40
      74.125.225.39
      74.125.225.35
      74.125.225.34
      74.125.225.36
      74.125.225.37
      74.125.225.41
      74.125.225.33
      74.125.225.32
      74.125.225.38
      74.125.225.46


Pinging google.com [74.125.225.32] with 32 bytes of data:
Reply from 74.125.225.32: bytes=32 time=36ms TTL=53
Reply from 74.125.225.32: bytes=32 time=36ms TTL=53

Ping statistics for 74.125.225.32:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 36ms, Maximum = 36ms, Average = 36ms
Server:  homeportal
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=111ms TTL=47
Reply from 98.139.183.24: bytes=32 time=90ms TTL=47

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 90ms, Maximum = 111ms, Average = 100ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=13ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 13ms, Average = 8ms
===========================================================================
Interface List
 15...00 26 b6 1f 11 b8 ......Microsoft Virtual WiFi Miniport Adapter
 12...00 26 37 bd 39 42 ......PdaNet Broadband Adapter
 11...00 26 b6 1f 11 b8 ......Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
 10...00 1e 33 f5 83 37 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 28...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
 27...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.69     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.69    281
     192.168.1.69  255.255.255.255         On-link      192.168.1.69    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.69    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.69    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.69    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 28     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 28     58 2001::/32                On-link
 28    306 2001:0:9d38:6abd:283d:23ed:9c93:28c1/128
                                    On-link
 11    281 fe80::/64                On-link
 28    306 fe80::/64                On-link
 28    306 fe80::283d:23ed:9c93:28c1/128
                                    On-link
 11    281 fe80::f0c9:935c:c65:56d5/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
 28    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 09 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 3.9.0.1380)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
AT&T Troubleshoot & Resolve Tool
ATT Management Agent (Version: 8.2.1.6)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.09)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Direct DiscRecorder (Version: 1.00.0000)
Dolby Control Center (Version: 2.2.1)
DVD MovieFactory for TOSHIBA (Version: 7.0.0)
File Association Manager (Version: 0.5)
Google Drive (Version: 1.13.5782.599)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.3)
HL-2270DW (Version: 1.0.7.0)
iCloud (Version: 3.1.0.40)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1883)
Intel® Matrix Storage Manager
Internet Updater (Version: 2.6.52)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 15.4.3502.0922)
Logitech Desktop Messenger (Version: 2.52.18)
Logitech Harmony Remote Software 7 (Version: 7.4.0.5)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MyToshiba (Version: 2.2.0.3)
NetZero Launcher (Version: 2.01)
Node.js (Version: 0.10.24)
PdaNet for Android 2.45
PlayReady PC Runtime amd64 (Version: 1.3.0)
Quickbooks Financial Center (Version: 2.02)
QuickTime (Version: 7.74.80.86)
Realtek Ethernet Controller  Driver (Version: 1.00.0008)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
Realtek WLAN Driver (Version: 2.00.0006)
Remote Control USB Driver (Version: 2.3.2.317)
RICOH R5U230 Media Driver ver.2.06.03.02 (Version: 2.06.03.02)
Safari (Version: 5.34.57.2)
Secunia PSI (3.0.0.9016) (Version: 3.0.0.9016)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x64 (Version: 10.0.0)
Skype Launcher (Version: 2.01)
Synaptics Pointing Device Driver (Version: 13.2.6.1)
TBRAC-2006 R2 (Version: 3.51.2.5572)
Toshiba Application Installer (Version: 9.0.0.9)
TOSHIBA Assist (Version: 3.00.09)
TOSHIBA ConfigFree (Version: 8.0.21)
TOSHIBA Disc Creator (Version: 2.1.0.1 for x64)
TOSHIBA DVD PLAYER (Version: 3.01.0.07-A)
TOSHIBA eco Utility (Version: 1.1.7.64)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: )
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Face Recognition (Version: 3.1.0.64)
TOSHIBA Hardware Setup (Version: 2.00.11)
TOSHIBA HDD Protection (Version: 2.2.0.0)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.2)
Toshiba Online Backup (Version: 1.2.0.35)
TOSHIBA PC Health Monitor (Version: 1.4.1.64)
Toshiba Quality Application (Version: 1.001.0000)
TOSHIBA Recovery Media Creator (Version: 2.1.0.2 for x64)
TOSHIBA Service Station (Version: 2.2.9)
TOSHIBA Speech System Applications (Version: 1.00.2518)
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.09)
TOSHIBA USB Sleep and Charge Utility (Version: 1.2.3.0)
TOSHIBA Value Added Package (Version: 1.2.25.64)
TOSHIBA Web Camera Application (Version: 1.1.1.4)
ToshibaRegistration (Version: 1.0.3)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Updater (Version: 2.6.53)
WildTangent Games (Version: 1.0.0.71)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3963.98 MB
Available physical RAM: 2531.97 MB
Total Pagefile: 7926.15 MB
Available Pagefile: 6423.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.88 MB

========================= Partitions: =====================================

1 Drive c: (TI102782W0E) (Fixed) (Total:453.62 GB) (Free:390.9 GB) NTFS

========================= Users: ========================================

User accounts for \\TERESA-LAPTOP

Administrator            Guest                    Teresa                   


**** End of log ****
 



#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:30 PM

Posted 10 January 2014 - 07:08 AM

Download Security Check by screen317 from here.


  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

 

 

 

Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Post the log here,

 

 

Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finish list found threats save to clipboard copy to notepad Post the log here.



#5 Slow Mo

Slow Mo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 10 January 2014 - 07:24 PM

Security check:

 

 Results of screen317's Security Check version 0.99.78  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.9016)   
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 45  
 Adobe Flash Player 11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox (26.0)
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````
 

MalwareBytes:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.10.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Teresa :: TERESA-LAPTOP [administrator]

Protection: Enabled

1/10/2014 8:29:14 AM
MBAM-log-2014-01-10 (08-39-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216136
Time elapsed: 9 minute(s), 1 second(s)

Memory Processes Detected: 5
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> 1160 -> No action taken.
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> 4772 -> No action taken.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> 2036 -> No action taken.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> 4804 -> No action taken.
C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> 4704 -> No action taken.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater (PUP.Optional.InternetUpdater.A) -> No action taken.
HKCR\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} (PUP.Optional.WebSteroids.A) -> No action taken.
HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetUpdater (PUP.Optional.InternetUpdater.A) -> No action taken.

Registry Values Detected: 3
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\updater.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\Updater.exe -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater|ImagePath (PUP.Optional.InternetUpdater.A) -> Data: "C:\ProgramData\InternetUpdater\InternetUpdaterService.exe" -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
C:\ProgramData\InternetUpdater (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\CT3323737 (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\RHelpers\ChromeHelper (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\FirefoxHelper (PUP.Optional.Searchagent) -> No action taken.
C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> No action taken.

Files Detected: 31
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> No action taken.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> No action taken.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\BetterBrowseSetup.exe (PUP.Optional.BetterBrowse.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\nsa1E20.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\nsf939B.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\nsh11E.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\nsn6AF9.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\nsq261D.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\nss721B.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\nssFAA8.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\nsv983E.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\sp_downloader.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer1\sp-downloader.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\s5f0\Setup.exe (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Users\Teresa\Downloads\7zip_bimo.exe (PUP.Optional.InstallIQ) -> No action taken.
C:\Users\Teresa\Downloads\Video_Converter_TSV115B3H.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Teresa\Local Settings\Temporary Internet Files\Content.IE5\6A8QKB6U\Setup[1].exe (PUP.Optional.BetterBrowse.A) -> No action taken.
C:\Users\Teresa\Local Settings\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Teresa\Local Settings\Temporary Internet Files\Content.IE5\U49WRZEG\Setup[1].exe (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Users\Teresa\Local Settings\Temporary Internet Files\Content.IE5\U49WRZEG\spstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\InternetUpdater\InternetUpdater.ico (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\app.dat (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\data.dat (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\data.dat-journal (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe.config (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\Uninstall.exe (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> No action taken.
C:\Users\Teresa\AppData\Local\Temp\CT3323737\ddt.csf (PUP.Optional.Conduit.A) -> No action taken.

(end)
 

Eset:

 

No log popped up, but it stated No threats found



#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:30 PM

Posted 10 January 2014 - 07:43 PM

You need to re-run malwarebytes this tick all items for removal post the new log that shows the items are removed.

 

Please download TDSSKiller.exe to your desktop.. Vista/Windows 7 users right-click and select Run As Administrator.

  • Click on Change Parameters and click Detect TDLFS File System.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A TDSSKiller text file would be saved in Local Disk C.
  • Copy and paste the contents of that file in your next reply.


#7 Slow Mo

Slow Mo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 10 January 2014 - 08:10 PM

Can you clarify for me, on Malware Bytes you want the original log run AND the one run AFTER items are removed? In my post I showed the log after items were removed. I guess I wasn't sure if you wanted the first log (of what was found when I ran the scan). Also should the new Malware Bytes scan be a Quick Scan? Thanks for your patience, I am new to this.

#8 Slow Mo

Slow Mo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 10 January 2014 - 08:17 PM

This is the original Malware Bytes log, the 2nd one I posted was AFTER I removed the items:

 

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.10.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Teresa :: TERESA-LAPTOP [administrator]

Protection: Enabled

1/10/2014 8:29:14 AM
mbam-log-2014-01-10 (08-29-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216136
Time elapsed: 9 minute(s), 1 second(s)

Memory Processes Detected: 5
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> 1160 -> Delete on reboot.
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> 4772 -> Delete on reboot.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> 2036 -> Delete on reboot.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> 4804 -> Delete on reboot.
C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> 4704 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater (PUP.Optional.InternetUpdater.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} (PUP.Optional.WebSteroids.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetUpdater (PUP.Optional.InternetUpdater.A) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\updater.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\Updater.exe -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater|ImagePath (PUP.Optional.InternetUpdater.A) -> Data: "C:\ProgramData\InternetUpdater\InternetUpdaterService.exe" -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
C:\ProgramData\InternetUpdater (PUP.Optional.InternetUpdater.A) -> Delete on reboot.
C:\Users\Teresa\AppData\Local\Temp\CT3323737 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\RHelpers\ChromeHelper (PUP.Optional.Searchagent) -> Delete on reboot.
C:\ProgramData\RHelpers\FirefoxHelper (PUP.Optional.Searchagent) -> Delete on reboot.
C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> Delete on reboot.

Files Detected: 31
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> Delete on reboot.
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> Delete on reboot.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> Delete on reboot.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> Delete on reboot.
C:\Users\Teresa\AppData\Local\Temp\BetterBrowseSetup.exe (PUP.Optional.BetterBrowse.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\nsa1E20.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\nsf939B.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\nsh11E.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\nsn6AF9.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\nsq261D.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\nss721B.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\nssFAA8.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\nsv983E.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\sp_downloader.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\nsj3F23.tmp\DynamicOffer1\sp-downloader.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\AppData\Local\Temp\s5f0\Setup.exe (PUP.Optional.InternetUpdater.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\Downloads\7zip_bimo.exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.
C:\Users\Teresa\Downloads\Video_Converter_TSV115B3H.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Teresa\Local Settings\Temporary Internet Files\Content.IE5\6A8QKB6U\Setup[1].exe (PUP.Optional.BetterBrowse.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\Local Settings\Temporary Internet Files\Content.IE5\QUAJDLT7\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\Local Settings\Temporary Internet Files\Content.IE5\U49WRZEG\Setup[1].exe (PUP.Optional.InternetUpdater.A) -> Quarantined and deleted successfully.
C:\Users\Teresa\Local Settings\Temporary Internet Files\Content.IE5\U49WRZEG\spstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\InternetUpdater\InternetUpdater.ico (PUP.Optional.InternetUpdater.A) -> Quarantined and deleted successfully.
C:\ProgramData\InternetUpdater\app.dat (PUP.Optional.InternetUpdater.A) -> Quarantined and deleted successfully.
C:\ProgramData\InternetUpdater\data.dat (PUP.Optional.InternetUpdater.A) -> Quarantined and deleted successfully.
C:\ProgramData\InternetUpdater\data.dat-journal (PUP.Optional.InternetUpdater.A) -> Quarantined and deleted successfully.
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe.config (PUP.Optional.InternetUpdater.A) -> Quarantined and deleted successfully.
C:\ProgramData\InternetUpdater\Uninstall.exe (PUP.Optional.InternetUpdater.A) -> Quarantined and deleted successfully.
C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> Delete on reboot.
C:\Users\Teresa\AppData\Local\Temp\CT3323737\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)



#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:30 PM

Posted 10 January 2014 - 08:38 PM

That last log is what I wanted to see can I now see the tdss killer log.



#10 Slow Mo

Slow Mo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 10 January 2014 - 08:52 PM

I will do it as soon as I get home (approx 2 hrs) and will post it. Thanks!

#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:30 PM

Posted 10 January 2014 - 09:01 PM

:)



#12 Slow Mo

Slow Mo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 11 January 2014 - 01:18 AM

TDSS killer log (no threats found):

 

01:11:45.0191 0x0ccc  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
01:11:59.0996 0x0ccc  ============================================================
01:11:59.0996 0x0ccc  Current date / time: 2014/01/11 01:11:59.0996
01:11:59.0996 0x0ccc  SystemInfo:
01:11:59.0996 0x0ccc  
01:11:59.0996 0x0ccc  OS Version: 6.1.7601 ServicePack: 1.0
01:11:59.0996 0x0ccc  Product type: Workstation
01:11:59.0996 0x0ccc  ComputerName: TERESA-LAPTOP
01:11:59.0996 0x0ccc  UserName: Teresa
01:11:59.0996 0x0ccc  Windows directory: C:\windows
01:11:59.0996 0x0ccc  System windows directory: C:\windows
01:11:59.0996 0x0ccc  Running under WOW64
01:11:59.0997 0x0ccc  Processor architecture: Intel x64
01:11:59.0997 0x0ccc  Number of processors: 2
01:11:59.0997 0x0ccc  Page size: 0x1000
01:11:59.0997 0x0ccc  Boot type: Normal boot
01:11:59.0997 0x0ccc  ============================================================
01:12:03.0696 0x0ccc  KLMD registered as C:\windows\system32\drivers\19701022.sys
01:12:04.0057 0x0ccc  System UUID: {5C3FFEC7-C308-BA12-2F33-39A5AE13A920}
01:12:04.0702 0x0ccc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:12:04.0709 0x0ccc  ============================================================
01:12:04.0709 0x0ccc  \Device\Harddisk0\DR0:
01:12:04.0709 0x0ccc  MBR partitions:
01:12:04.0709 0x0ccc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38B3B800
01:12:04.0709 0x0ccc  ============================================================
01:12:04.0736 0x0ccc  C: <-> \Device\Harddisk0\DR0\Partition1
01:12:04.0736 0x0ccc  ============================================================
01:12:04.0736 0x0ccc  Initialize success
01:12:04.0736 0x0ccc  ============================================================
01:12:26.0208 0x11b8  ============================================================
01:12:26.0208 0x11b8  Scan started
01:12:26.0208 0x11b8  Mode: Manual; TDLFS;
01:12:26.0208 0x11b8  ============================================================
01:12:26.0208 0x11b8  KSN ping started
01:12:28.0971 0x11b8  KSN ping finished: true
01:12:29.0105 0x11b8  ================ Scan system memory ========================
01:12:29.0105 0x11b8  System memory - ok
01:12:29.0107 0x11b8  ================ Scan services =============================
01:12:29.0778 0x11b8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
01:12:29.0790 0x11b8  1394ohci - ok
01:12:29.0850 0x11b8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
01:12:29.0858 0x11b8  ACPI - ok
01:12:29.0901 0x11b8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
01:12:29.0902 0x11b8  AcpiPmi - ok
01:12:30.0042 0x11b8  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:12:30.0045 0x11b8  AdobeARMservice - ok
01:12:30.0163 0x11b8  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:12:30.0174 0x11b8  AdobeFlashPlayerUpdateSvc - ok
01:12:30.0254 0x11b8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
01:12:30.0275 0x11b8  adp94xx - ok
01:12:30.0328 0x11b8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
01:12:30.0337 0x11b8  adpahci - ok
01:12:30.0352 0x11b8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
01:12:30.0357 0x11b8  adpu320 - ok
01:12:30.0386 0x11b8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
01:12:30.0400 0x11b8  AeLookupSvc - ok
01:12:30.0458 0x11b8  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\windows\system32\drivers\afd.sys
01:12:30.0472 0x11b8  AFD - ok
01:12:30.0559 0x11b8  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\windows\system32\DRIVERS\agrsm64.sys
01:12:30.0589 0x11b8  AgereSoftModem - ok
01:12:30.0631 0x11b8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
01:12:30.0633 0x11b8  agp440 - ok
01:12:30.0670 0x11b8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
01:12:30.0673 0x11b8  ALG - ok
01:12:30.0721 0x11b8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
01:12:30.0722 0x11b8  aliide - ok
01:12:30.0763 0x11b8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
01:12:30.0765 0x11b8  amdide - ok
01:12:30.0807 0x11b8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
01:12:30.0810 0x11b8  AmdK8 - ok
01:12:30.0831 0x11b8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
01:12:30.0833 0x11b8  AmdPPM - ok
01:12:30.0869 0x11b8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
01:12:30.0873 0x11b8  amdsata - ok
01:12:30.0912 0x11b8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
01:12:30.0919 0x11b8  amdsbs - ok
01:12:30.0955 0x11b8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
01:12:30.0956 0x11b8  amdxata - ok
01:12:30.0999 0x11b8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys
01:12:31.0001 0x11b8  AppID - ok
01:12:31.0040 0x11b8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll
01:12:31.0042 0x11b8  AppIDSvc - ok
01:12:31.0077 0x11b8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
01:12:31.0080 0x11b8  Appinfo - ok
01:12:31.0344 0x11b8  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:12:31.0384 0x11b8  Apple Mobile Device - ok
01:12:31.0441 0x11b8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\DRIVERS\arc.sys
01:12:31.0454 0x11b8  arc - ok
01:12:31.0483 0x11b8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
01:12:31.0489 0x11b8  arcsas - ok
01:12:31.0516 0x11b8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
01:12:31.0530 0x11b8  AsyncMac - ok
01:12:31.0580 0x11b8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
01:12:31.0581 0x11b8  atapi - ok
01:12:31.0677 0x11b8  [ E857EEE6B92AAA473EBB3465ADD8F7E7, 1C7E4737E649A025B3C4974A4F7D1353EAB85561FC8ED54E5C22A777E1A189B3 ] athr            C:\windows\system32\DRIVERS\athrx.sys
01:12:31.0731 0x11b8  athr - ok
01:12:31.0926 0x11b8  [ 93E6F56D9FD244B76B973CEDFB427765, B45884B916A40FF420D788AE154C8BF35FD9FC0FA6C897D63F776307C8C2B049 ] ATT MAHostService C:\Program Files (x86)\ATT\8.2.1.6\ma\bin\MAHostService.exe
01:12:31.0942 0x11b8  ATT MAHostService - ok
01:12:32.0004 0x11b8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
01:12:32.0020 0x11b8  AudioEndpointBuilder - ok
01:12:32.0051 0x11b8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll
01:12:32.0067 0x11b8  AudioSrv - ok
01:12:32.0114 0x11b8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
01:12:32.0129 0x11b8  AxInstSV - ok
01:12:32.0192 0x11b8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
01:12:32.0207 0x11b8  b06bdrv - ok
01:12:32.0238 0x11b8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
01:12:32.0238 0x11b8  b57nd60a - ok
01:12:32.0301 0x11b8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
01:12:32.0316 0x11b8  BDESVC - ok
01:12:32.0332 0x11b8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
01:12:32.0332 0x11b8  Beep - ok
01:12:32.0394 0x11b8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
01:12:32.0426 0x11b8  BFE - ok
01:12:32.0504 0x11b8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
01:12:32.0519 0x11b8  BITS - ok
01:12:32.0566 0x11b8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
01:12:32.0582 0x11b8  blbdrive - ok
01:12:32.0675 0x11b8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
01:12:32.0706 0x11b8  Bonjour Service - ok
01:12:32.0753 0x11b8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
01:12:32.0753 0x11b8  bowser - ok
01:12:32.0816 0x11b8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
01:12:32.0816 0x11b8  BrFiltLo - ok
01:12:32.0831 0x11b8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
01:12:32.0831 0x11b8  BrFiltUp - ok
01:12:32.0862 0x11b8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
01:12:32.0878 0x11b8  Browser - ok
01:12:32.0909 0x11b8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
01:12:32.0925 0x11b8  Brserid - ok
01:12:32.0940 0x11b8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
01:12:32.0940 0x11b8  BrSerWdm - ok
01:12:32.0972 0x11b8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
01:12:32.0972 0x11b8  BrUsbMdm - ok
01:12:33.0003 0x11b8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
01:12:33.0003 0x11b8  BrUsbSer - ok
01:12:33.0159 0x11b8  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
01:12:33.0174 0x11b8  BrYNSvc - ok
01:12:33.0221 0x11b8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
01:12:33.0221 0x11b8  BthEnum - ok
01:12:33.0268 0x11b8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
01:12:33.0268 0x11b8  BTHMODEM - ok
01:12:33.0299 0x11b8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
01:12:33.0299 0x11b8  BthPan - ok
01:12:33.0362 0x11b8  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
01:12:33.0393 0x11b8  BTHPORT - ok
01:12:33.0424 0x11b8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
01:12:33.0424 0x11b8  bthserv - ok
01:12:33.0455 0x11b8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
01:12:33.0455 0x11b8  BTHUSB - ok
01:12:33.0486 0x11b8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
01:12:33.0486 0x11b8  cdfs - ok
01:12:33.0549 0x11b8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
01:12:33.0564 0x11b8  cdrom - ok
01:12:33.0611 0x11b8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
01:12:33.0611 0x11b8  CertPropSvc - ok
01:12:33.0689 0x11b8  [ 837FF2D497880198C918E6954DBD170C, 249CEEAD3CF864A50BB144B5E376D427BBF985DA9E2FEF02410101248951BBAD ] cfWiMAXService  C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
01:12:33.0705 0x11b8  cfWiMAXService - ok
01:12:33.0736 0x11b8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
01:12:33.0736 0x11b8  circlass - ok
01:12:33.0830 0x11b8  cleanhlp - ok
01:12:33.0876 0x11b8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
01:12:33.0876 0x11b8  CLFS - ok
01:12:34.0126 0x11b8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:12:34.0126 0x11b8  clr_optimization_v2.0.50727_32 - ok
01:12:34.0235 0x11b8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:12:34.0235 0x11b8  clr_optimization_v2.0.50727_64 - ok
01:12:34.0313 0x11b8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:12:34.0422 0x11b8  clr_optimization_v4.0.30319_32 - ok
01:12:34.0500 0x11b8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:12:34.0500 0x11b8  clr_optimization_v4.0.30319_64 - ok
01:12:34.0547 0x11b8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
01:12:34.0547 0x11b8  CmBatt - ok
01:12:34.0578 0x11b8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
01:12:34.0578 0x11b8  cmdide - ok
01:12:34.0656 0x11b8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\windows\system32\Drivers\cng.sys
01:12:34.0672 0x11b8  CNG - ok
01:12:34.0703 0x11b8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
01:12:34.0703 0x11b8  Compbatt - ok
01:12:34.0750 0x11b8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
01:12:34.0750 0x11b8  CompositeBus - ok
01:12:34.0766 0x11b8  COMSysApp - ok
01:12:34.0797 0x11b8  [ D252C53BCDFC199BBA55EEB10CDB266E, 758E4FE0B20C0F7179BC45CBA50AF11380330DC7597141B00D914450EAC022DF ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
01:12:34.0797 0x11b8  ConfigFree Gadget Service - ok
01:12:34.0828 0x11b8  [ CAB0EEAF5295FC96DDD3E19DCE27E131, 87BCAC18D920153322D325AA5B93BB0B447577D67261FDCC01C5B60643CEA792 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
01:12:34.0828 0x11b8  ConfigFree Service - ok
01:12:34.0859 0x11b8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
01:12:34.0859 0x11b8  crcdisk - ok
01:12:34.0922 0x11b8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\windows\system32\cryptsvc.dll
01:12:34.0937 0x11b8  CryptSvc - ok
01:12:35.0015 0x11b8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
01:12:35.0031 0x11b8  DcomLaunch - ok
01:12:35.0078 0x11b8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
01:12:35.0093 0x11b8  defragsvc - ok
01:12:35.0140 0x11b8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
01:12:35.0140 0x11b8  DfsC - ok
01:12:35.0187 0x11b8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
01:12:35.0202 0x11b8  Dhcp - ok
01:12:35.0234 0x11b8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
01:12:35.0234 0x11b8  discache - ok
01:12:35.0280 0x11b8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\DRIVERS\disk.sys
01:12:35.0280 0x11b8  Disk - ok
01:12:35.0327 0x11b8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
01:12:35.0327 0x11b8  Dnscache - ok
01:12:35.0374 0x11b8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
01:12:35.0390 0x11b8  dot3svc - ok
01:12:35.0452 0x11b8  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] dot4            C:\windows\system32\DRIVERS\Dot4.sys
01:12:35.0452 0x11b8  dot4 - ok
01:12:35.0483 0x11b8  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\windows\system32\DRIVERS\Dot4Prt.sys
01:12:35.0483 0x11b8  Dot4Print - ok
01:12:35.0499 0x11b8  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\windows\system32\DRIVERS\dot4usb.sys
01:12:35.0514 0x11b8  dot4usb - ok
01:12:35.0561 0x11b8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
01:12:35.0561 0x11b8  DPS - ok
01:12:35.0624 0x11b8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
01:12:35.0624 0x11b8  drmkaud - ok
01:12:35.0733 0x11b8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
01:12:35.0748 0x11b8  DXGKrnl - ok
01:12:35.0920 0x11b8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
01:12:35.0920 0x11b8  EapHost - ok
01:12:36.0123 0x11b8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
01:12:36.0310 0x11b8  ebdrv - ok
01:12:36.0388 0x11b8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\windows\System32\lsass.exe
01:12:36.0404 0x11b8  EFS - ok
01:12:36.0560 0x11b8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
01:12:36.0638 0x11b8  ehRecvr - ok
01:12:36.0669 0x11b8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
01:12:36.0669 0x11b8  ehSched - ok
01:12:36.0747 0x11b8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
01:12:36.0762 0x11b8  elxstor - ok
01:12:36.0794 0x11b8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
01:12:36.0794 0x11b8  ErrDev - ok
01:12:36.0856 0x11b8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
01:12:36.0856 0x11b8  EventSystem - ok
01:12:36.0903 0x11b8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
01:12:36.0903 0x11b8  exfat - ok
01:12:36.0918 0x11b8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
01:12:36.0918 0x11b8  fastfat - ok
01:12:36.0996 0x11b8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
01:12:37.0012 0x11b8  Fax - ok
01:12:37.0043 0x11b8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\DRIVERS\fdc.sys
01:12:37.0059 0x11b8  fdc - ok
01:12:37.0090 0x11b8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
01:12:37.0090 0x11b8  fdPHost - ok
01:12:37.0106 0x11b8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
01:12:37.0106 0x11b8  FDResPub - ok
01:12:37.0121 0x11b8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
01:12:37.0121 0x11b8  FileInfo - ok
01:12:37.0137 0x11b8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
01:12:37.0137 0x11b8  Filetrace - ok
01:12:37.0168 0x11b8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
01:12:37.0168 0x11b8  flpydisk - ok
01:12:37.0215 0x11b8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
01:12:37.0230 0x11b8  FltMgr - ok
01:12:37.0324 0x11b8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
01:12:37.0355 0x11b8  FontCache - ok
01:12:37.0418 0x11b8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:12:37.0418 0x11b8  FontCache3.0.0.0 - ok
01:12:37.0449 0x11b8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
01:12:37.0449 0x11b8  FsDepends - ok
01:12:37.0480 0x11b8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
01:12:37.0480 0x11b8  Fs_Rec - ok
01:12:37.0542 0x11b8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
01:12:37.0558 0x11b8  fvevol - ok
01:12:37.0636 0x11b8  [ 60ACB128E64C35C2B4E4AAB1B0A5C293, 7B476AB5E95529A894F95397C753662F4C58D1FE89F4648271251DA77C5A3FA9 ] FwLnk           C:\windows\system32\DRIVERS\FwLnk.sys
01:12:37.0636 0x11b8  FwLnk - ok
01:12:37.0667 0x11b8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
01:12:37.0667 0x11b8  gagp30kx - ok
01:12:37.0761 0x11b8  [ C44D560E441F091EA3B72F778EC60DE2, 1F90BA0E98C436B98BF6B0BC93146B52C081DF374424E2DCA270316D508A59B2 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
01:12:37.0776 0x11b8  GameConsoleService - ok
01:12:37.0823 0x11b8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
01:12:37.0823 0x11b8  GEARAspiWDM - ok
01:12:37.0901 0x11b8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
01:12:37.0917 0x11b8  gpsvc - ok
01:12:38.0010 0x11b8  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:12:38.0010 0x11b8  gupdate - ok
01:12:38.0042 0x11b8  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:12:38.0042 0x11b8  gupdatem - ok
01:12:38.0088 0x11b8  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
01:12:38.0104 0x11b8  gusvc - ok
01:12:38.0120 0x11b8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
01:12:38.0135 0x11b8  hcw85cir - ok
01:12:38.0198 0x11b8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
01:12:38.0198 0x11b8  HdAudAddService - ok
01:12:38.0244 0x11b8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
01:12:38.0244 0x11b8  HDAudBus - ok
01:12:38.0276 0x11b8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
01:12:38.0276 0x11b8  HidBatt - ok
01:12:38.0291 0x11b8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
01:12:38.0291 0x11b8  HidBth - ok
01:12:38.0322 0x11b8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
01:12:38.0322 0x11b8  HidIr - ok
01:12:38.0354 0x11b8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
01:12:38.0354 0x11b8  hidserv - ok
01:12:38.0416 0x11b8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
01:12:38.0416 0x11b8  HidUsb - ok
01:12:38.0447 0x11b8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
01:12:38.0478 0x11b8  hkmsvc - ok
01:12:38.0510 0x11b8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
01:12:38.0525 0x11b8  HomeGroupListener - ok
01:12:38.0556 0x11b8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
01:12:38.0572 0x11b8  HomeGroupProvider - ok
01:12:38.0619 0x11b8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
01:12:38.0619 0x11b8  HpSAMD - ok
01:12:38.0697 0x11b8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
01:12:38.0712 0x11b8  HTTP - ok
01:12:38.0759 0x11b8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
01:12:38.0759 0x11b8  hwpolicy - ok
01:12:38.0806 0x11b8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
01:12:38.0806 0x11b8  i8042prt - ok
01:12:38.0868 0x11b8  [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
01:12:38.0884 0x11b8  iaStor - ok
01:12:38.0931 0x11b8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
01:12:38.0946 0x11b8  iaStorV - ok
01:12:39.0009 0x11b8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:12:39.0024 0x11b8  idsvc - ok
01:12:39.0056 0x11b8  IEEtwCollectorService - ok
01:12:39.0368 0x11b8  [ 3C3F27002ABC69C5AFE29CBE6CF7ADDF, 1543345ED76F0FEF907A32E0838F8B01F0FB361565B13ADD34F552FF48D38DD6 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
01:12:39.0617 0x11b8  igfx - ok
01:12:39.0648 0x11b8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
01:12:39.0648 0x11b8  iirsp - ok
01:12:39.0726 0x11b8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
01:12:39.0742 0x11b8  IKEEXT - ok
01:12:39.0867 0x11b8  [ 0C3CF4B3BAE28E121A1689E3538F8712, 1599785D54E8306872A1DDD8546D316C9B193A85C5AEB37CF956B8C4077B8792 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
01:12:39.0898 0x11b8  IntcAzAudAddService - ok
01:12:39.0960 0x11b8  [ 88A20FA54C73DED4E8DAC764E9130AE9, BBD9C8D12063F0A464FE0C48C6913A772EF5A5DCB8A00EBD37E494DCB752A5FF ] IntcHdmiAddService C:\windows\system32\drivers\IntcHdmi.sys
01:12:39.0960 0x11b8  IntcHdmiAddService - ok
01:12:39.0976 0x11b8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
01:12:39.0992 0x11b8  intelide - ok
01:12:40.0023 0x11b8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
01:12:40.0023 0x11b8  intelppm - ok
01:12:40.0070 0x11b8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
01:12:40.0070 0x11b8  IPBusEnum - ok
01:12:40.0116 0x11b8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
01:12:40.0116 0x11b8  IpFilterDriver - ok
01:12:40.0163 0x11b8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
01:12:40.0179 0x11b8  iphlpsvc - ok
01:12:40.0210 0x11b8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
01:12:40.0210 0x11b8  IPMIDRV - ok
01:12:40.0241 0x11b8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
01:12:40.0272 0x11b8  IPNAT - ok
01:12:40.0584 0x11b8  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
01:12:40.0600 0x11b8  iPod Service - ok
01:12:40.0709 0x11b8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
01:12:40.0709 0x11b8  IRENUM - ok
01:12:40.0756 0x11b8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
01:12:40.0756 0x11b8  isapnp - ok
01:12:40.0803 0x11b8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
01:12:40.0818 0x11b8  iScsiPrt - ok
01:12:40.0865 0x11b8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
01:12:40.0865 0x11b8  kbdclass - ok
01:12:40.0912 0x11b8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
01:12:40.0912 0x11b8  kbdhid - ok
01:12:40.0943 0x11b8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\windows\system32\lsass.exe
01:12:40.0943 0x11b8  KeyIso - ok
01:12:40.0959 0x11b8  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
01:12:40.0974 0x11b8  KSecDD - ok
01:12:40.0990 0x11b8  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
01:12:40.0990 0x11b8  KSecPkg - ok
01:12:41.0021 0x11b8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
01:12:41.0021 0x11b8  ksthunk - ok
01:12:41.0068 0x11b8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
01:12:41.0068 0x11b8  KtmRm - ok
01:12:41.0146 0x11b8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
01:12:41.0162 0x11b8  LanmanServer - ok
01:12:41.0193 0x11b8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
01:12:41.0193 0x11b8  LanmanWorkstation - ok
01:12:41.0255 0x11b8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
01:12:41.0255 0x11b8  lltdio - ok
01:12:41.0333 0x11b8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
01:12:41.0333 0x11b8  lltdsvc - ok
01:12:41.0364 0x11b8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
01:12:41.0364 0x11b8  lmhosts - ok
01:12:41.0427 0x11b8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
01:12:41.0427 0x11b8  LSI_FC - ok
01:12:41.0474 0x11b8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
01:12:41.0520 0x11b8  LSI_SAS - ok
01:12:41.0567 0x11b8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
01:12:41.0567 0x11b8  LSI_SAS2 - ok
01:12:41.0614 0x11b8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
01:12:41.0630 0x11b8  LSI_SCSI - ok
01:12:41.0676 0x11b8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
01:12:41.0676 0x11b8  luafv - ok
01:12:41.0770 0x11b8  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
01:12:41.0770 0x11b8  MBAMProtector - ok
01:12:41.0895 0x11b8  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
01:12:41.0910 0x11b8  MBAMScheduler - ok
01:12:41.0988 0x11b8  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
01:12:42.0020 0x11b8  MBAMService - ok
01:12:42.0051 0x11b8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
01:12:42.0051 0x11b8  Mcx2Svc - ok
01:12:42.0098 0x11b8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
01:12:42.0113 0x11b8  megasas - ok
01:12:42.0129 0x11b8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
01:12:42.0144 0x11b8  MegaSR - ok
01:12:42.0254 0x11b8  Microsoft SharePoint Workspace Audit Service - ok
01:12:42.0316 0x11b8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
01:12:42.0316 0x11b8  MMCSS - ok
01:12:42.0347 0x11b8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
01:12:42.0347 0x11b8  Modem - ok
01:12:42.0363 0x11b8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
01:12:42.0363 0x11b8  monitor - ok
01:12:42.0394 0x11b8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
01:12:42.0394 0x11b8  mouclass - ok
01:12:42.0410 0x11b8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
01:12:42.0410 0x11b8  mouhid - ok
01:12:42.0441 0x11b8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
01:12:42.0472 0x11b8  mountmgr - ok
01:12:42.0581 0x11b8  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:12:42.0597 0x11b8  MozillaMaintenance - ok
01:12:42.0690 0x11b8  [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter        C:\windows\system32\DRIVERS\MpFilter.sys
01:12:42.0706 0x11b8  MpFilter - ok
01:12:42.0753 0x11b8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
01:12:42.0753 0x11b8  mpio - ok
01:12:42.0800 0x11b8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
01:12:42.0800 0x11b8  mpsdrv - ok
01:12:42.0878 0x11b8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
01:12:42.0909 0x11b8  MpsSvc - ok
01:12:43.0049 0x11b8  [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B2C5FC7B6FDBA05 ] MREMP50         C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
01:12:43.0065 0x11b8  MREMP50 - ok
01:12:43.0143 0x11b8  [ C2758DF79C83A0D12A5599A040CA1818, 236641D2AD596CDC53AE8407F7A7AA02719764CCC7E6D5C547F41FE7C1D67BB5 ] MREMP50a64      C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
01:12:43.0174 0x11b8  MREMP50a64 - ok
01:12:43.0174 0x11b8  MREMPR5 - ok
01:12:43.0174 0x11b8  MRENDIS5 - ok
01:12:43.0236 0x11b8  [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] MRESP50         C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
01:12:43.0236 0x11b8  MRESP50 - ok
01:12:43.0268 0x11b8  [ 38BD5B32E0722752BE8465D2A6DA43D9, EE009F141D77A858C84B4294F4FF51ECA400D48B3AD735FAC99EEF4E3E00E9EE ] MRESP50a64      C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS
01:12:43.0268 0x11b8  MRESP50a64 - ok
01:12:43.0314 0x11b8  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
01:12:43.0346 0x11b8  MRxDAV - ok
01:12:43.0392 0x11b8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
01:12:43.0392 0x11b8  mrxsmb - ok
01:12:43.0470 0x11b8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
01:12:43.0486 0x11b8  mrxsmb10 - ok
01:12:43.0517 0x11b8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
01:12:43.0533 0x11b8  mrxsmb20 - ok
01:12:43.0580 0x11b8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
01:12:43.0580 0x11b8  msahci - ok
01:12:43.0595 0x11b8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
01:12:43.0611 0x11b8  msdsm - ok
01:12:43.0642 0x11b8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
01:12:43.0642 0x11b8  MSDTC - ok
01:12:43.0673 0x11b8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
01:12:43.0673 0x11b8  Msfs - ok
01:12:43.0689 0x11b8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
01:12:43.0689 0x11b8  mshidkmdf - ok
01:12:43.0720 0x11b8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
01:12:43.0720 0x11b8  msisadrv - ok
01:12:43.0767 0x11b8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
01:12:43.0782 0x11b8  MSiSCSI - ok
01:12:43.0798 0x11b8  msiserver - ok
01:12:43.0845 0x11b8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
01:12:43.0845 0x11b8  MSKSSRV - ok
01:12:43.0907 0x11b8  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
01:12:43.0907 0x11b8  MsMpSvc - ok
01:12:43.0954 0x11b8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
01:12:43.0954 0x11b8  MSPCLOCK - ok
01:12:43.0985 0x11b8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
01:12:44.0001 0x11b8  MSPQM - ok
01:12:44.0048 0x11b8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
01:12:44.0079 0x11b8  MsRPC - ok
01:12:44.0110 0x11b8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
01:12:44.0126 0x11b8  mssmbios - ok
01:12:44.0172 0x11b8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
01:12:44.0172 0x11b8  MSTEE - ok
01:12:44.0188 0x11b8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
01:12:44.0188 0x11b8  MTConfig - ok
01:12:44.0219 0x11b8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
01:12:44.0219 0x11b8  Mup - ok
01:12:44.0282 0x11b8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
01:12:44.0313 0x11b8  napagent - ok
01:12:44.0360 0x11b8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
01:12:44.0360 0x11b8  NativeWifiP - ok
01:12:44.0438 0x11b8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
01:12:44.0469 0x11b8  NDIS - ok
01:12:44.0500 0x11b8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
01:12:44.0500 0x11b8  NdisCap - ok
01:12:44.0547 0x11b8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
01:12:44.0547 0x11b8  NdisTapi - ok
01:12:44.0578 0x11b8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
01:12:44.0594 0x11b8  Ndisuio - ok
01:12:44.0640 0x11b8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
01:12:44.0640 0x11b8  NdisWan - ok
01:12:44.0672 0x11b8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
01:12:44.0687 0x11b8  NDProxy - ok
01:12:44.0718 0x11b8  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\windows\system32\DRIVERS\netaapl64.sys
01:12:44.0718 0x11b8  Netaapl - ok
01:12:44.0781 0x11b8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
01:12:44.0781 0x11b8  NetBIOS - ok
01:12:44.0828 0x11b8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
01:12:44.0843 0x11b8  NetBT - ok
01:12:44.0859 0x11b8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\windows\system32\lsass.exe
01:12:44.0859 0x11b8  Netlogon - ok
01:12:44.0890 0x11b8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
01:12:44.0906 0x11b8  Netman - ok
01:12:44.0937 0x11b8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
01:12:44.0952 0x11b8  netprofm - ok
01:12:44.0984 0x11b8  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:12:44.0999 0x11b8  NetTcpPortSharing - ok
01:12:45.0030 0x11b8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
01:12:45.0030 0x11b8  nfrd960 - ok
01:12:45.0108 0x11b8  [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv          C:\windows\system32\DRIVERS\NisDrvWFP.sys
01:12:45.0124 0x11b8  NisDrv - ok
01:12:45.0171 0x11b8  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
01:12:45.0186 0x11b8  NisSrv - ok
01:12:45.0264 0x11b8  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
01:12:45.0280 0x11b8  NlaSvc - ok
01:12:45.0296 0x11b8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
01:12:45.0311 0x11b8  Npfs - ok
01:12:45.0342 0x11b8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
01:12:45.0342 0x11b8  nsi - ok
01:12:45.0374 0x11b8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
01:12:45.0374 0x11b8  nsiproxy - ok
01:12:45.0498 0x11b8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
01:12:45.0530 0x11b8  Ntfs - ok
01:12:45.0576 0x11b8  [ D4012918D3A3847B44B888D56BC095D6, BE78F54CA01E8C37FD9129AA2869CCFE84BA8F5ED015486019305C7F40AE3B1B ] NuidFltr        C:\windows\system32\DRIVERS\NuidFltr.sys
01:12:45.0576 0x11b8  NuidFltr - ok
01:12:45.0608 0x11b8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
01:12:45.0608 0x11b8  Null - ok
01:12:45.0654 0x11b8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
01:12:45.0654 0x11b8  nvraid - ok
01:12:45.0686 0x11b8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
01:12:45.0686 0x11b8  nvstor - ok
01:12:45.0732 0x11b8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
01:12:45.0732 0x11b8  nv_agp - ok
01:12:45.0764 0x11b8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
01:12:45.0764 0x11b8  ohci1394 - ok
01:12:45.0857 0x11b8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:12:45.0857 0x11b8  ose - ok
01:12:46.0122 0x11b8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:12:50.0054 0x11b8  osppsvc - ok
01:12:50.0132 0x11b8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
01:12:50.0147 0x11b8  p2pimsvc - ok
01:12:50.0178 0x11b8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
01:12:50.0178 0x11b8  p2psvc - ok
01:12:50.0210 0x11b8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\DRIVERS\parport.sys
01:12:50.0225 0x11b8  Parport - ok
01:12:50.0256 0x11b8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
01:12:50.0256 0x11b8  partmgr - ok
01:12:50.0288 0x11b8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
01:12:50.0288 0x11b8  PcaSvc - ok
01:12:50.0350 0x11b8  [ ACFF877F5C17B9360919919F10DD6072, C85CAC263038DBCAF86E5709378D92FDD122A33025DA2FDE4016409D2BF758B0 ] pcCMService     C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
01:12:50.0350 0x11b8  pcCMService - ok
01:12:50.0412 0x11b8  [ 05E746C123B7E6BB61AEFDE166E23FDF, 3C0F27A1E76FBE95D36364C8926D863D4E2A337295A1FEC488FC43FEBF2B7D46 ] pcCMService64   C:\Program Files\Common Files\Motive\pcCMService.exe
01:12:50.0444 0x11b8  pcCMService64 - ok
01:12:50.0475 0x11b8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
01:12:50.0490 0x11b8  pci - ok
01:12:50.0553 0x11b8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
01:12:50.0553 0x11b8  pciide - ok
01:12:50.0600 0x11b8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
01:12:50.0600 0x11b8  pcmcia - ok
01:12:50.0678 0x11b8  [ EE491577E84C33F69571D9A9BE99BB48, 1C03676493703A3ABD01AA09A2F0C9A3F8A66753F827C5C4C900149C46BC6064 ] pcServiceHost   C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
01:12:50.0678 0x11b8  pcServiceHost - ok
01:12:50.0709 0x11b8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
01:12:50.0724 0x11b8  pcw - ok
01:12:50.0802 0x11b8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
01:12:50.0834 0x11b8  PEAUTH - ok
01:12:51.0629 0x11b8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
01:12:51.0629 0x11b8  PerfHost - ok
01:12:51.0676 0x11b8  [ 663962900E7FEA522126BA287715BB4A, 95CE12CA11E705C293BE4E18845581037D819A7EC812349BCAF4EABC8E7087B1 ] PGEffect        C:\windows\system32\DRIVERS\pgeffect.sys
01:12:51.0676 0x11b8  PGEffect - ok
01:12:51.0754 0x11b8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
01:12:51.0801 0x11b8  pla - ok
01:12:51.0863 0x11b8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
01:12:51.0879 0x11b8  PlugPlay - ok
01:12:51.0926 0x11b8  [ 64CA1485214340CACC315FFDFDED73EF, 3FFF06E313622D3633B4235C1E1B8857DBA8DFA19A6A1E5C3D6D88AE6C6DDCC5 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
01:12:51.0941 0x11b8  Pml Driver HPZ12 - ok
01:12:51.0972 0x11b8  [ FE74BA87CDAA80AC9261F49167F0608A, 5AE799DF285F09DA5E23FE608A50A534D75717C7BBA3F1661C0883C8300E6132 ] pneteth         C:\windows\system32\DRIVERS\pneteth.sys
01:12:51.0972 0x11b8  pneteth - ok
01:12:52.0019 0x11b8  [ 06841F5CD8410B6BDC0B5A631B8F8787, 95CA940AAE0C713C7161899D7DD7109FC985B60A1B3817C4243ED9870DA5FDE0 ] pnetmdm         C:\windows\system32\DRIVERS\pnetmdm64.sys
01:12:52.0035 0x11b8  pnetmdm - ok
01:12:52.0050 0x11b8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
01:12:52.0050 0x11b8  PNRPAutoReg - ok
01:12:52.0082 0x11b8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
01:12:52.0097 0x11b8  PNRPsvc - ok
01:12:52.0160 0x11b8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
01:12:52.0175 0x11b8  PolicyAgent - ok
01:12:52.0238 0x11b8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
01:12:52.0253 0x11b8  Power - ok
01:12:52.0300 0x11b8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
01:12:52.0300 0x11b8  PptpMiniport - ok
01:12:52.0347 0x11b8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\DRIVERS\processr.sys
01:12:52.0347 0x11b8  Processor - ok
01:12:52.0394 0x11b8  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll
01:12:52.0394 0x11b8  ProfSvc - ok
01:12:52.0425 0x11b8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\windows\system32\lsass.exe
01:12:52.0425 0x11b8  ProtectedStorage - ok
01:12:52.0472 0x11b8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
01:12:52.0487 0x11b8  Psched - ok
01:12:52.0534 0x11b8  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\windows\system32\DRIVERS\psi_mf_amd64.sys
01:12:52.0534 0x11b8  PSI - ok
01:12:52.0674 0x11b8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
01:12:52.0706 0x11b8  ql2300 - ok
01:12:52.0752 0x11b8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
01:12:52.0752 0x11b8  ql40xx - ok
01:12:52.0799 0x11b8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
01:12:52.0799 0x11b8  QWAVE - ok
01:12:52.0815 0x11b8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
01:12:52.0815 0x11b8  QWAVEdrv - ok
01:12:52.0846 0x11b8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
01:12:52.0846 0x11b8  RasAcd - ok
01:12:52.0877 0x11b8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
01:12:52.0877 0x11b8  RasAgileVpn - ok
01:12:52.0908 0x11b8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
01:12:52.0908 0x11b8  RasAuto - ok
01:12:52.0955 0x11b8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
01:12:52.0955 0x11b8  Rasl2tp - ok
01:12:53.0018 0x11b8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
01:12:53.0033 0x11b8  RasMan - ok
01:12:53.0080 0x11b8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
01:12:53.0127 0x11b8  RasPppoe - ok
01:12:53.0174 0x11b8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
01:12:53.0174 0x11b8  RasSstp - ok
01:12:53.0220 0x11b8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
01:12:53.0220 0x11b8  rdbss - ok
01:12:53.0267 0x11b8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
01:12:53.0408 0x11b8  rdpbus - ok
01:12:53.0439 0x11b8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
01:12:53.0439 0x11b8  RDPCDD - ok
01:12:53.0470 0x11b8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
01:12:53.0470 0x11b8  RDPENCDD - ok
01:12:53.0501 0x11b8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
01:12:53.0501 0x11b8  RDPREFMP - ok
01:12:53.0610 0x11b8  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
01:12:53.0626 0x11b8  RDPWD - ok
01:12:53.0688 0x11b8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
01:12:53.0688 0x11b8  rdyboost - ok
01:12:53.0720 0x11b8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
01:12:53.0720 0x11b8  RemoteAccess - ok
01:12:53.0751 0x11b8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
01:12:53.0766 0x11b8  RemoteRegistry - ok
01:12:53.0813 0x11b8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
01:12:53.0813 0x11b8  RFCOMM - ok
01:12:53.0844 0x11b8  [ E20B1907FC72A3664ECE21E3C20FC63D, 7BB9CD6A90BDBF8AD3B22CBB1E29A240C9302EDEE104283DA2D153E9539104E5 ] rimspci         C:\windows\system32\DRIVERS\rimspe64.sys
01:12:53.0844 0x11b8  rimspci - ok
01:12:53.0876 0x11b8  [ 7DDA2E5CF452DAD24B1BE704225C18EE, 90B18DC32A0687BFF0F615CA75EDCBAA036ABC1043494EBA30802998D156D765 ] risdpcie        C:\windows\system32\DRIVERS\risdpe64.sys
01:12:53.0876 0x11b8  risdpcie - ok
01:12:53.0922 0x11b8  [ 6A1CD4674505E6791390A1AB71DA1FBE, EC095BFBAA44258975E1538767BB6BFFAA85C63C7F63CB314501F113C8D16208 ] rixdpcie        C:\windows\system32\DRIVERS\rixdpe64.sys
01:12:53.0922 0x11b8  rixdpcie - ok
01:12:53.0969 0x11b8  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\windows\system32\Drivers\RootMdm.sys
01:12:53.0969 0x11b8  ROOTMODEM - ok
01:12:54.0000 0x11b8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
01:12:54.0000 0x11b8  RpcEptMapper - ok
01:12:54.0032 0x11b8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
01:12:54.0032 0x11b8  RpcLocator - ok
01:12:54.0094 0x11b8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
01:12:54.0110 0x11b8  RpcSs - ok
01:12:54.0141 0x11b8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
01:12:54.0141 0x11b8  rspndr - ok
01:12:54.0188 0x11b8  [ F65F171165FBB613F7AA3CC78E8CAB42, 9F1503372D2D1225DD057FA0C442B76DAC17007556D8C8AF70ED9BA0B4F45556 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
01:12:54.0188 0x11b8  RTL8167 - ok
01:12:54.0281 0x11b8  [ A8ED9726734D403217A4861A6788B144, 8982F6A5C6567D7D765B2093617C943B30327037BC7DB6CB1BABE7BB0739F9FA ] rtl8192se       C:\windows\system32\DRIVERS\rtl8192se.sys
01:12:54.0297 0x11b8  rtl8192se - ok
01:12:54.0328 0x11b8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\windows\system32\lsass.exe
01:12:54.0328 0x11b8  SamSs - ok
01:12:54.0359 0x11b8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
01:12:54.0375 0x11b8  sbp2port - ok
01:12:54.0422 0x11b8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
01:12:54.0437 0x11b8  SCardSvr - ok
01:12:54.0484 0x11b8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
01:12:54.0484 0x11b8  scfilter - ok
01:12:54.0609 0x11b8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
01:12:54.0640 0x11b8  Schedule - ok
01:12:54.0671 0x11b8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
01:12:54.0671 0x11b8  SCPolicySvc - ok
01:12:54.0734 0x11b8  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\windows\system32\drivers\sdbus.sys
01:12:54.0734 0x11b8  sdbus - ok
01:12:54.0765 0x11b8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
01:12:54.0780 0x11b8  SDRSVC - ok
01:12:54.0812 0x11b8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
01:12:54.0827 0x11b8  secdrv - ok
01:12:54.0858 0x11b8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
01:12:54.0858 0x11b8  seclogon - ok
01:12:55.0046 0x11b8  [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
01:12:55.0077 0x11b8  Secunia PSI Agent - ok
01:12:55.0186 0x11b8  [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
01:12:55.0202 0x11b8  Secunia Update Agent - ok
01:12:55.0233 0x11b8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
01:12:55.0248 0x11b8  SENS - ok
01:12:55.0264 0x11b8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
01:12:55.0264 0x11b8  SensrSvc - ok
01:12:55.0280 0x11b8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
01:12:55.0295 0x11b8  Serenum - ok
01:12:55.0451 0x11b8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\DRIVERS\serial.sys
01:12:55.0482 0x11b8  Serial - ok
01:12:55.0514 0x11b8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
01:12:55.0514 0x11b8  sermouse - ok
01:12:55.0576 0x11b8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
01:12:55.0607 0x11b8  SessionEnv - ok
01:12:55.0638 0x11b8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
01:12:55.0638 0x11b8  sffdisk - ok
01:12:55.0654 0x11b8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
01:12:55.0670 0x11b8  sffp_mmc - ok
01:12:55.0685 0x11b8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
01:12:55.0685 0x11b8  sffp_sd - ok
01:12:55.0732 0x11b8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
01:12:55.0732 0x11b8  sfloppy - ok
01:12:55.0810 0x11b8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
01:12:55.0826 0x11b8  SharedAccess - ok
01:12:55.0872 0x11b8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
01:12:55.0888 0x11b8  ShellHWDetection - ok
01:12:55.0919 0x11b8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
01:12:55.0935 0x11b8  SiSRaid2 - ok
01:12:55.0966 0x11b8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
01:12:55.0966 0x11b8  SiSRaid4 - ok
01:12:55.0997 0x11b8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
01:12:56.0013 0x11b8  Smb - ok
01:12:56.0044 0x11b8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
01:12:56.0044 0x11b8  SNMPTRAP - ok
01:12:56.0060 0x11b8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
01:12:56.0060 0x11b8  spldr - ok
01:12:56.0122 0x11b8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
01:12:56.0138 0x11b8  Spooler - ok
01:12:56.0325 0x11b8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
01:12:56.0465 0x11b8  sppsvc - ok
01:12:56.0512 0x11b8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
01:12:56.0512 0x11b8  sppuinotify - ok
01:12:56.0543 0x11b8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
01:12:56.0559 0x11b8  srv - ok
01:12:56.0590 0x11b8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
01:12:56.0606 0x11b8  srv2 - ok
01:12:56.0621 0x11b8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
01:12:56.0621 0x11b8  srvnet - ok
01:12:56.0668 0x11b8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
01:12:56.0684 0x11b8  SSDPSRV - ok
01:12:56.0699 0x11b8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
01:12:56.0715 0x11b8  SstpSvc - ok
01:12:56.0746 0x11b8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
01:12:56.0746 0x11b8  stexstor - ok
01:12:56.0824 0x11b8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
01:12:56.0855 0x11b8  stisvc - ok
01:12:56.0886 0x11b8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
01:12:56.0886 0x11b8  swenum - ok
01:12:56.0980 0x11b8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
01:12:57.0011 0x11b8  swprv - ok
01:12:57.0074 0x11b8  [ BE7311DA9D6833FA69ED04B744A1C8F8, 19DD5E5DCB7F6B1584B5EEDDA8F7D05D1AB97E40E1B7C1AA29AA79B44EBCA964 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
01:12:57.0089 0x11b8  SynTP - ok
01:12:57.0183 0x11b8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
01:12:57.0230 0x11b8  SysMain - ok
01:12:57.0276 0x11b8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
01:12:57.0276 0x11b8  TabletInputService - ok
01:12:57.0308 0x11b8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
01:12:57.0308 0x11b8  TapiSrv - ok
01:12:57.0339 0x11b8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
01:12:57.0339 0x11b8  TBS - ok
01:12:57.0464 0x11b8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\windows\system32\drivers\tcpip.sys
01:12:57.0510 0x11b8  Tcpip - ok
01:12:57.0573 0x11b8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
01:12:57.0604 0x11b8  TCPIP6 - ok
01:12:57.0651 0x11b8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
01:12:57.0651 0x11b8  tcpipreg - ok
01:12:57.0791 0x11b8  [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst        C:\windows\system32\DRIVERS\tdcmdpst.sys
01:12:57.0791 0x11b8  tdcmdpst - ok
01:12:57.0838 0x11b8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
01:12:57.0838 0x11b8  TDPIPE - ok
01:12:57.0885 0x11b8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
01:12:57.0885 0x11b8  TDTCP - ok
01:12:57.0916 0x11b8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
01:12:57.0932 0x11b8  tdx - ok
01:12:57.0947 0x11b8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
01:12:57.0947 0x11b8  TermDD - ok
01:12:57.0994 0x11b8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll
01:12:58.0025 0x11b8  TermService - ok
01:12:58.0056 0x11b8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
01:12:58.0056 0x11b8  Themes - ok
01:12:58.0103 0x11b8  [ C013F6ACAA9761F571BD28DADA7C157D, E57246132B36FE38D4B177AAE3367D25AF28449201CD4D02CB7957C32AF02AC6 ] Thpdrv          C:\windows\system32\DRIVERS\thpdrv.sys
01:12:58.0103 0x11b8  Thpdrv - ok
01:12:58.0119 0x11b8  [ B4E609047434ED948AF7BDEF2FA66E38, 353B7A120E532E9CDF0DE91EC39DF5B9B92A1A99B537FF4FB0D1EA13DBE30D17 ] Thpevm          C:\windows\system32\DRIVERS\Thpevm.SYS
01:12:58.0119 0x11b8  Thpevm - ok
01:12:58.0166 0x11b8  [ 6146EAC71AE3C9DA17B0E33632082B7B, F1DD588C9A01333A12F89B64959FA27BAE8D17BFB0FB4F63BB85AEE616ADF305 ] Thpsrv          C:\windows\system32\ThpSrv.exe
01:12:58.0181 0x11b8  Thpsrv - ok
01:12:58.0228 0x11b8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
01:12:58.0228 0x11b8  THREADORDER - ok
01:12:58.0290 0x11b8  [ F120967184A27E927052E8DDBB727851, B54A1D2B4D52C0DF19AC81617A26CA164C5779C568DB86A6FD97D0A14D5FEEB4 ] TMachInfo       C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
01:12:58.0290 0x11b8  TMachInfo - ok
01:12:58.0322 0x11b8  [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
01:12:58.0337 0x11b8  TODDSrv - ok
01:12:58.0415 0x11b8  [ 4DB8C79BCEA76063B83B13410366A1F7, 401521222F2E76D6D2E953006EB7C1DBBEA519306B83592DA0031F8ED656CDDE ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
01:12:58.0431 0x11b8  TosCoSrv - ok
01:12:58.0478 0x11b8  [ 32FF64D06A91DAA0331C624AFF442679, 21C9EA29D602970E0AB9EA52A2AA7AABBAE9AF0068F83E482433D1BF97FC054D ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
01:12:58.0493 0x11b8  TOSHIBA eco Utility Service - ok
01:12:58.0587 0x11b8  [ EDA12E9BC9A0F104C24101720EEC4785, 8B310D11B32AB66D64DBF565C0F27B5F6FB1D22F32AC93244D561B2AABB66CD0 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
01:12:58.0587 0x11b8  TOSHIBA HDD SSD Alert Service - ok
01:12:58.0680 0x11b8  [ 09FF7B0B1B5C3D225495CB6F5A9B39F8, 0D2CC72B7E02B92C9A1D6B76300B75A39427046903326642B9D511A51A795027 ] tos_sps64       C:\windows\system32\DRIVERS\tos_sps64.sys
01:12:58.0696 0x11b8  tos_sps64 - ok
01:12:58.0774 0x11b8  [ DE64C52BD0671165CF2EEBF2A728A3E2, 201E7D2CD34248AEAB961C87C8481FA1CD253621C5F26C121F5017D422C74288 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
01:12:58.0790 0x11b8  TPCHSrv - ok
01:12:58.0805 0x11b8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
01:12:58.0821 0x11b8  TrkWks - ok
01:12:58.0868 0x11b8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
01:12:58.0868 0x11b8  TrustedInstaller - ok
01:12:58.0899 0x11b8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
01:12:58.0914 0x11b8  tssecsrv - ok
01:12:58.0946 0x11b8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
01:12:58.0946 0x11b8  TsUsbFlt - ok
01:12:58.0992 0x11b8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
01:12:59.0008 0x11b8  tunnel - ok
01:12:59.0055 0x11b8  [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ           C:\windows\system32\DRIVERS\TVALZ_O.SYS
01:12:59.0055 0x11b8  TVALZ - ok
01:12:59.0086 0x11b8  [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] TVALZFL         C:\windows\system32\DRIVERS\TVALZFL.sys
01:12:59.0086 0x11b8  TVALZFL - ok
01:12:59.0133 0x11b8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
01:12:59.0133 0x11b8  uagp35 - ok
01:12:59.0180 0x11b8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
01:12:59.0195 0x11b8  udfs - ok
01:12:59.0242 0x11b8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
01:12:59.0242 0x11b8  UI0Detect - ok
01:12:59.0289 0x11b8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
01:12:59.0289 0x11b8  uliagpkx - ok
01:12:59.0336 0x11b8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\drivers\umbus.sys
01:12:59.0351 0x11b8  umbus - ok
01:12:59.0382 0x11b8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
01:12:59.0382 0x11b8  UmPass - ok
01:12:59.0429 0x11b8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
01:12:59.0429 0x11b8  upnphost - ok
01:12:59.0460 0x11b8  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
01:12:59.0476 0x11b8  USBAAPL64 - ok
01:12:59.0507 0x11b8  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
01:12:59.0507 0x11b8  usbccgp - ok
01:12:59.0523 0x11b8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
01:12:59.0523 0x11b8  usbcir - ok
01:12:59.0538 0x11b8  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
01:12:59.0554 0x11b8  usbehci - ok
01:12:59.0585 0x11b8  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
01:12:59.0601 0x11b8  usbhub - ok
01:12:59.0616 0x11b8  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\windows\system32\drivers\usbohci.sys
01:12:59.0616 0x11b8  usbohci - ok
01:12:59.0663 0x11b8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
01:12:59.0663 0x11b8  usbprint - ok
01:12:59.0679 0x11b8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
01:12:59.0679 0x11b8  USBSTOR - ok
01:12:59.0710 0x11b8  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\windows\system32\DRIVERS\usbuhci.sys
01:12:59.0710 0x11b8  usbuhci - ok
01:12:59.0788 0x11b8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
01:12:59.0788 0x11b8  usbvideo - ok
01:12:59.0835 0x11b8  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\windows\system32\drivers\usb8023x.sys
01:12:59.0835 0x11b8  usb_rndisx - ok
01:12:59.0866 0x11b8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
01:12:59.0866 0x11b8  UxSms - ok
01:12:59.0897 0x11b8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\windows\system32\lsass.exe
01:12:59.0897 0x11b8  VaultSvc - ok
01:12:59.0944 0x11b8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
01:12:59.0944 0x11b8  vdrvroot - ok
01:13:00.0006 0x11b8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
01:13:00.0022 0x11b8  vds - ok
01:13:00.0084 0x11b8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
01:13:00.0100 0x11b8  vga - ok
01:13:00.0116 0x11b8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
01:13:00.0116 0x11b8  VgaSave - ok
01:13:00.0147 0x11b8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
01:13:00.0162 0x11b8  vhdmp - ok
01:13:00.0178 0x11b8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
01:13:00.0194 0x11b8  viaide - ok
01:13:00.0225 0x11b8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
01:13:00.0225 0x11b8  volmgr - ok
01:13:00.0272 0x11b8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
01:13:00.0287 0x11b8  volmgrx - ok
01:13:00.0334 0x11b8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
01:13:00.0334 0x11b8  volsnap - ok
01:13:00.0381 0x11b8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
01:13:00.0381 0x11b8  vsmraid - ok
01:13:00.0490 0x11b8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
01:13:00.0537 0x11b8  VSS - ok
01:13:00.0552 0x11b8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
01:13:00.0552 0x11b8  vwifibus - ok
01:13:00.0584 0x11b8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
01:13:00.0584 0x11b8  vwififlt - ok
01:13:00.0615 0x11b8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
01:13:00.0615 0x11b8  vwifimp - ok
01:13:00.0646 0x11b8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
01:13:00.0646 0x11b8  W32Time - ok
01:13:00.0693 0x11b8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
01:13:00.0693 0x11b8  WacomPen - ok
01:13:00.0740 0x11b8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
01:13:00.0755 0x11b8  WANARP - ok
01:13:00.0755 0x11b8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
01:13:00.0755 0x11b8  Wanarpv6 - ok
01:13:00.0880 0x11b8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
01:13:00.0911 0x11b8  WatAdminSvc - ok
01:13:01.0005 0x11b8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
01:13:01.0052 0x11b8  wbengine - ok
01:13:01.0083 0x11b8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
01:13:01.0098 0x11b8  WbioSrvc - ok
01:13:01.0130 0x11b8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
01:13:01.0145 0x11b8  wcncsvc - ok
01:13:01.0176 0x11b8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
01:13:01.0176 0x11b8  WcsPlugInService - ok
01:13:01.0208 0x11b8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
01:13:01.0223 0x11b8  Wd - ok
01:13:01.0301 0x11b8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
01:13:01.0317 0x11b8  Wdf01000 - ok
01:13:01.0348 0x11b8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
01:13:01.0364 0x11b8  WdiServiceHost - ok
01:13:01.0364 0x11b8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
01:13:01.0364 0x11b8  WdiSystemHost - ok
01:13:01.0442 0x11b8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
01:13:01.0457 0x11b8  WebClient - ok
01:13:01.0504 0x11b8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
01:13:01.0520 0x11b8  Wecsvc - ok
01:13:01.0535 0x11b8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
01:13:01.0535 0x11b8  wercplsupport - ok
01:13:01.0582 0x11b8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
01:13:01.0582 0x11b8  WerSvc - ok
01:13:01.0629 0x11b8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
01:13:01.0629 0x11b8  WfpLwf - ok
01:13:01.0660 0x11b8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
01:13:01.0660 0x11b8  WIMMount - ok
01:13:01.0691 0x11b8  WinDefend - ok
01:13:01.0691 0x11b8  WinHttpAutoProxySvc - ok
01:13:01.0816 0x11b8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
01:13:01.0832 0x11b8  Winmgmt - ok
01:13:01.0941 0x11b8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
01:13:01.0988 0x11b8  WinRM - ok
01:13:02.0050 0x11b8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\windows\system32\DRIVERS\WinUSB.sys
01:13:02.0050 0x11b8  WinUSB - ok
01:13:02.0128 0x11b8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
01:13:02.0159 0x11b8  Wlansvc - ok
01:13:02.0300 0x11b8  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:13:02.0346 0x11b8  wlidsvc - ok
01:13:02.0378 0x11b8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
01:13:02.0378 0x11b8  WmiAcpi - ok
01:13:02.0424 0x11b8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
01:13:02.0424 0x11b8  wmiApSrv - ok
01:13:02.0471 0x11b8  WMPNetworkSvc - ok
01:13:02.0518 0x11b8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
01:13:02.0534 0x11b8  WPCSvc - ok
01:13:02.0596 0x11b8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
01:13:02.0596 0x11b8  WPDBusEnum - ok
01:13:02.0627 0x11b8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
01:13:02.0627 0x11b8  ws2ifsl - ok
01:13:02.0674 0x11b8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
01:13:02.0674 0x11b8  wscsvc - ok
01:13:02.0674 0x11b8  WSearch - ok
01:13:02.0846 0x11b8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\windows\system32\wuaueng.dll
01:13:02.0908 0x11b8  wuauserv - ok
01:13:02.0955 0x11b8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
01:13:02.0955 0x11b8  WudfPf - ok
01:13:03.0002 0x11b8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
01:13:03.0017 0x11b8  WUDFRd - ok
01:13:03.0033 0x11b8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
01:13:03.0048 0x11b8  wudfsvc - ok
01:13:03.0080 0x11b8  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\windows\System32\wwansvc.dll
01:13:03.0095 0x11b8  WwanSvc - ok
01:13:03.0142 0x11b8  ================ Scan global ===============================
01:13:03.0173 0x11b8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
01:13:03.0204 0x11b8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
01:13:03.0220 0x11b8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
01:13:03.0251 0x11b8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
01:13:03.0282 0x11b8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
01:13:03.0298 0x11b8  [ Global ] - ok
01:13:03.0298 0x11b8  ================ Scan MBR ==================================
01:13:03.0314 0x11b8  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
01:13:03.0813 0x11b8  \Device\Harddisk0\DR0 - ok
01:13:03.0813 0x11b8  ================ Scan VBR ==================================
01:13:03.0860 0x11b8  [ CAD3298D4D77BBB8D8C4F32376809149 ] \Device\Harddisk0\DR0\Partition1
01:13:03.0860 0x11b8  \Device\Harddisk0\DR0\Partition1 - ok
01:13:03.0860 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:04.0874 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:05.0888 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:06.0902 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:07.0916 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:08.0930 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:09.0944 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:10.0958 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:11.0972 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:12.0986 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:14.0000 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:15.0014 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:16.0028 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:17.0042 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:18.0056 0x11b8  Waiting for KSN requests completion. In queue: 199
01:13:19.0101 0x11b8  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x60000 ( disabled : updated )
01:13:19.0101 0x11b8  Win FW state via NFP2: enabled
01:13:22.0018 0x11b8  ============================================================
01:13:22.0018 0x11b8  Scan finished
01:13:22.0018 0x11b8  ============================================================
01:13:22.0018 0x05c8  Detected object count: 0
01:13:22.0018 0x05c8  Actual detected object count: 0
 



#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:30 PM

Posted 11 January 2014 - 05:13 AM

Can you re run the junkware removal tool and post the new log a couple of items failed to delete earlier.

 

 

Then.......

 

 

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.


#14 Slow Mo

Slow Mo
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 11 January 2014 - 05:05 PM

Junkware removal tool:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Teresa on Sat 01/11/2014 at  8:57:47.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"



~~~ FireFox

Emptied folder: C:\Users\Teresa\AppData\Roaming\mozilla\firefox\profiles\u89nc3bp.default-1385951061197\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/11/2014 at  9:06:36.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

ESET Scan:

 

C:\Users\All Users\Updater\Uninstall.exe    a variant of Win32/ExFriendAlert.B application    
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\nsprotector.js.vir    Win32/Conduit.SearchProtect.A application    cleaned by deleting - quarantined
C:\ProgramData\Updater\Uninstall.exe    a variant of Win32/ExFriendAlert.B application    cleaned by deleting - quarantined
C:\Users\Teresa\Downloads\ccsetup409.exe    Win32/Bundled.Toolbar.Google.D application    cleaned by deleting - quarantined
C:\Users\Teresa\Downloads\Firefox_Setup.exe    a variant of Win32/InstallCore.ES application    cleaned by deleting - quarantined
C:\Users\Teresa\Downloads\rcp_dcomnew_sec_728.exe    Win32/Systweak.B application    cleaned by deleting - quarantined
 



#15 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:30 PM

Posted 11 January 2014 - 05:33 PM

How is the machine?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users