HitmanPro detects "proxy server on this computer (user)


  • This topic is locked
26 replies to this topic

#1 Kaseycs


Posted 27 July 2014 - 06:46 PM

I am receiving this when I run Hitman PRO, and after it is repaired it shows up again on the next reboot.

I read another post similar to this, so I ran the FRST tool.

I would really appreciate some help fixing this.
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by kaseycs (administrator) on WESTIE on 27-07-2014 18:59:04
Running from C:\Users\kaseycs\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PSIService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-08-08] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox]  ATTENTION! ====> ZeroAccess?
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2525507361-3722342168-342951548-1005\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-16] (Macrovision Corporation)
HKU\S-1-5-21-2525507361-3722342168-342951548-1005\...\Policies\Explorer: [TaskbarNoThumbnail] 0
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {637870FF-1496-4C52-9FD5-85D8CEBBBF4E} URL = http://search.rr.com/#web/{searchTerms}/1/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (Pin It Button) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-07-24]
CHR Extension: (Google Wallet) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [176624 2014-02-13] (Coupons.com Inc.)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-07-17] (SurfRight B.V.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [174656 2006-11-02] () [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-06-01] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-07-27 18:59 - 2014-07-27 18:59 - 00015163 _____ () C:\Users\kaseycs\Downloads\FRST.txt
2014-07-27 18:58 - 2014-07-27 18:59 - 00000000 ____D () C:\FRST
2014-07-27 18:57 - 2014-07-27 18:57 - 02093568 _____ (Farbar) C:\Users\kaseycs\Downloads\FRST64.exe
2014-07-27 18:50 - 2014-07-27 18:50 - 00003777 _____ () C:\Users\kaseycs\Desktop\Malware.txt
2014-07-27 18:37 - 2014-07-27 18:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 18:37 - 2014-07-27 18:37 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-27 18:37 - 2014-07-27 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-27 18:37 - 2014-07-27 18:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 18:37 - 2014-07-27 18:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-27 18:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-27 18:37 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-27 18:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-27 18:36 - 2014-07-27 18:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\kaseycs\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-27 18:36 - 2014-07-27 18:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\kaseycs\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-27 18:31 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-27 18:30 - 2014-07-27 18:33 - 00000000 ____D () C:\AdwCleaner
2014-07-27 18:29 - 2014-07-27 18:29 - 01367289 _____ () C:\Users\kaseycs\Downloads\AdwCleaner.exe
2014-07-27 18:03 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-27 18:03 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-27 18:03 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-27 18:03 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-27 18:03 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-27 18:03 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-27 18:03 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-27 18:03 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-27 18:03 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-27 18:03 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-27 18:03 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-27 18:03 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-27 18:03 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-27 18:03 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-27 18:03 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-27 18:03 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-27 18:03 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-27 18:03 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-27 18:03 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-27 18:03 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 18:03 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-27 18:03 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-27 18:03 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-27 18:03 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-27 18:03 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-27 18:03 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-27 18:03 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-27 18:03 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-27 18:03 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-27 18:03 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-27 18:03 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-27 18:03 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-27 18:03 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-27 18:03 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-27 18:03 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-27 18:03 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-27 18:03 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-27 18:03 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-27 18:03 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-27 18:03 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-27 18:03 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-27 18:03 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-27 18:03 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-27 18:03 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-27 18:03 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-27 18:03 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-27 18:03 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-27 18:03 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-27 18:03 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-27 18:03 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-27 18:03 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-27 18:03 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-27 18:03 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-27 18:03 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-27 18:03 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-27 18:03 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-27 12:01 - 2014-07-27 12:01 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Windows
2014-07-25 23:49 - 2014-07-25 23:49 - 00000000 _____ () C:\Windows\SysWOW64\shoA8DF.tmp
2014-07-21 17:13 - 2014-07-27 18:54 - 00009166 _____ () C:\Windows\PFRO.log
2014-07-20 12:58 - 2014-07-26 23:00 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Apple Computer
2014-07-20 12:58 - 2014-07-20 12:58 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Apple Computer
2014-07-20 12:57 - 2014-07-20 12:57 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files\iTunes
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files\iPod
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-20 12:57 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-07-20 12:56 - 2014-07-20 12:56 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-20 12:55 - 2014-07-20 12:56 - 00000000 ____D () C:\ProgramData\Apple
2014-07-20 12:54 - 2014-07-20 12:55 - 113509200 _____ (Apple Inc.) C:\Users\kaseycs\Downloads\iTunes64Setup.exe
2014-07-20 12:52 - 2014-07-20 12:53 - 111992144 _____ (Apple Inc.) C:\Users\kaseycs\Downloads\iTunesSetup.exe
2014-07-20 12:36 - 2014-07-20 12:36 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\iConvertor
2014-07-20 12:34 - 2014-07-20 12:38 - 00000396 __RSH () C:\ProgramData\ntuser.pol
2014-07-20 12:33 - 2014-07-20 12:33 - 00613896 _____ () C:\Users\kaseycs\Downloads\setup (2).exe
2014-07-18 23:54 - 2014-07-18 23:54 - 00001413 _____ () C:\Users\kaseycs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-18 23:47 - 2014-07-18 23:52 - 00007583 _____ () C:\Windows\IE11_main.log
2014-07-18 19:11 - 2014-07-18 19:11 - 00284224 _____ (Mozilla) C:\Users\kaseycs\Downloads\Firefox Setup Stub 30.0 (1).exe
2014-07-18 17:48 - 2014-07-27 18:54 - 00000784 _____ () C:\Windows\setupact.log
2014-07-18 17:48 - 2014-07-18 17:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-18 16:15 - 2014-07-18 16:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2014-07-18 16:04 - 2014-07-18 16:04 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-18 16:04 - 2012-03-12 00:08 - 09888872 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll
2014-07-18 16:04 - 2012-03-12 00:08 - 00340072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2014-07-18 16:01 - 2014-07-18 16:01 - 00003800 _____ () C:\Windows\System32\Tasks\VAIO Health Report
2014-07-18 16:01 - 2014-07-18 16:01 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAIO Health Report
2014-07-18 15:52 - 2014-07-18 15:52 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-07-18 15:51 - 2014-07-18 15:51 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\SystemRequirementsLab
2014-07-18 15:43 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-18 15:43 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-18 15:43 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-18 15:43 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-18 15:43 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-18 15:42 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-18 15:42 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-18 15:42 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-18 15:41 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-18 15:41 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-18 15:41 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-17 23:34 - 2014-07-17 23:34 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Oracle
2014-07-17 22:53 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-17 22:53 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-17 22:53 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-17 22:53 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-17 22:52 - 2014-07-17 22:53 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 22:16 - 2014-07-17 22:16 - 00002215 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-17 22:16 - 2014-07-17 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-17 22:09 - 2014-07-18 17:22 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Adobe
2014-07-17 19:25 - 2014-07-17 22:08 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2014-07-17 19:25 - 2014-07-17 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2014-07-17 19:25 - 2014-07-17 20:14 - 00000434 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - kaseycs).job
2014-07-17 19:25 - 2014-07-17 19:25 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\SlimWare Utilities Inc
2014-07-17 19:25 - 2014-07-17 19:25 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2014-07-17 17:52 - 2014-07-17 17:53 - 00895120 _____ (Google Inc.) C:\Users\kaseycs\Downloads\ChromeSetup (1).exe
2014-07-17 17:34 - 2014-07-17 17:34 - 00009514 _____ () C:\Windows\system32\bootdelete.lst
2014-07-17 17:27 - 2014-07-17 17:27 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Macromedia
2014-07-17 17:21 - 2014-07-19 21:02 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Mozilla
2014-07-17 17:21 - 2014-07-19 21:02 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Mozilla
2014-07-17 17:21 - 2014-07-17 17:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-17 17:20 - 2014-07-17 17:20 - 00284224 _____ (Mozilla) C:\Users\kaseycs\Downloads\Firefox Setup Stub 30.0.exe
2014-07-17 13:57 - 2014-07-17 13:58 - 00000000 ____D () C:\Users\kaseycs\Documents\Paystubs & W-2
2014-07-16 00:02 - 2014-07-16 00:02 - 41232452 _____ () C:\Users\kaseycs\Downloads\khadfield_100intheshade.zip
2014-07-14 23:51 - 2014-07-18 14:40 - 00009021 _____ () C:\Users\kaseycs\Documents\BB Regs.xlsx
2014-07-10 13:56 - 2014-07-10 13:56 - 00007618 _____ () C:\Users\kaseycs\AppData\Local\Resmon.ResmonCfg
2014-07-04 11:44 - 2014-07-04 11:44 - 00000000 _____ () C:\Windows\SysWOW64\shoFD38.tmp
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-07-27 18:59 - 2014-07-27 18:59 - 00015163 _____ () C:\Users\kaseycs\Downloads\FRST.txt
2014-07-27 18:59 - 2014-07-27 18:58 - 00000000 ____D () C:\FRST
2014-07-27 18:58 - 2013-06-04 04:47 - 01739466 _____ () C:\Windows\WindowsUpdate.log
2014-07-27 18:57 - 2014-07-27 18:57 - 02093568 _____ (Farbar) C:\Users\kaseycs\Downloads\FRST64.exe
2014-07-27 18:54 - 2014-07-21 17:13 - 00009166 _____ () C:\Windows\PFRO.log
2014-07-27 18:54 - 2014-07-18 17:48 - 00000784 _____ () C:\Windows\setupact.log
2014-07-27 18:54 - 2014-05-17 11:01 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-27 18:54 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-27 18:53 - 2011-02-10 19:01 - 00000000 ____D () C:\Windows\InstDrvs
2014-07-27 18:50 - 2014-07-27 18:50 - 00003777 _____ () C:\Users\kaseycs\Desktop\Malware.txt
2014-07-27 18:41 - 2009-07-14 00:45 - 00030496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-27 18:41 - 2009-07-14 00:45 - 00030496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-27 18:37 - 2014-07-27 18:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 18:37 - 2014-07-27 18:37 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-27 18:37 - 2014-07-27 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-27 18:37 - 2014-07-27 18:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 18:37 - 2014-07-27 18:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-27 18:36 - 2014-07-27 18:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\kaseycs\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-27 18:36 - 2014-07-27 18:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\kaseycs\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-27 18:33 - 2014-07-27 18:30 - 00000000 ____D () C:\AdwCleaner
2014-07-27 18:33 - 2013-07-03 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Messenger
2014-07-27 18:29 - 2014-07-27 18:29 - 01367289 _____ () C:\Users\kaseycs\Downloads\AdwCleaner.exe
2014-07-27 18:27 - 2013-07-03 22:43 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-27 18:20 - 2014-05-17 11:01 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-27 18:16 - 2013-06-06 13:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 18:16 - 2013-06-06 13:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 18:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-27 18:08 - 2013-06-06 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-27 18:00 - 2013-06-04 15:37 - 00000000 ____D () C:\Users\kaseycs\Documents\Television Schedules
2014-07-27 17:43 - 2014-05-25 15:37 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Epson
2014-07-27 17:43 - 2014-05-25 15:31 - 00000000 ____D () C:\ProgramData\EPSON
2014-07-27 12:01 - 2014-07-27 12:01 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Windows
2014-07-26 23:11 - 2013-06-04 04:11 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2D4A72BE-3A6F-444F-8257-0A9BCAA49F7B}
2014-07-26 23:00 - 2014-07-20 12:58 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Apple Computer
2014-07-26 22:55 - 2014-05-17 10:36 - 00027136 _____ () C:\Users\kaseycs\Documents\My passwords Excel.xls
2014-07-25 23:49 - 2014-07-25 23:49 - 00000000 _____ () C:\Windows\SysWOW64\shoA8DF.tmp
2014-07-25 23:47 - 2013-06-04 15:34 - 00000000 ____D () C:\Users\kaseycs\Documents\Book Stuff
2014-07-22 22:19 - 2013-06-04 15:35 - 00000000 ____D () C:\Users\kaseycs\Documents\My PSP Files
2014-07-20 12:58 - 2014-07-20 12:58 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Apple Computer
2014-07-20 12:57 - 2014-07-20 12:57 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files\iTunes
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files\iPod
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-20 12:56 - 2014-07-20 12:56 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-20 12:56 - 2014-07-20 12:55 - 00000000 ____D () C:\ProgramData\Apple
2014-07-20 12:55 - 2014-07-20 12:54 - 113509200 _____ (Apple Inc.) C:\Users\kaseycs\Downloads\iTunes64Setup.exe
2014-07-20 12:53 - 2014-07-20 12:52 - 111992144 _____ (Apple Inc.) C:\Users\kaseycs\Downloads\iTunesSetup.exe
2014-07-20 12:38 - 2014-07-20 12:34 - 00000396 __RSH () C:\ProgramData\ntuser.pol
2014-07-20 12:36 - 2014-07-20 12:36 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\iConvertor
2014-07-20 12:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-20 12:33 - 2014-07-20 12:33 - 00613896 _____ () C:\Users\kaseycs\Downloads\setup (2).exe
2014-07-19 21:03 - 2013-06-04 03:31 - 00000000 ____D () C:\Users\kaseycs
2014-07-19 21:02 - 2014-07-17 17:21 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Mozilla
2014-07-19 21:02 - 2014-07-17 17:21 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Mozilla
2014-07-19 21:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-07-19 21:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-19 13:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-07-19 11:26 - 2009-07-14 01:08 - 00032652 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-18 23:54 - 2014-07-18 23:54 - 00001413 _____ () C:\Users\kaseycs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-18 23:54 - 2011-02-10 18:48 - 00000000 ____D () C:\Windows\Panther
2014-07-18 23:52 - 2014-07-18 23:47 - 00007583 _____ () C:\Windows\IE11_main.log
2014-07-18 22:35 - 2014-06-01 20:30 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\iolo
2014-07-18 19:11 - 2014-07-18 19:11 - 00284224 _____ (Mozilla) C:\Users\kaseycs\Downloads\Firefox Setup Stub 30.0 (1).exe
2014-07-18 17:48 - 2014-07-18 17:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-18 17:46 - 2013-07-31 18:18 - 00000000 ____D () C:\Windows\Minidump
2014-07-18 17:35 - 2009-07-14 00:45 - 05975632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-18 17:22 - 2014-07-17 22:09 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Adobe
2014-07-18 16:16 - 2013-06-25 20:31 - 00000000 ____D () C:\Update
2014-07-18 16:15 - 2014-07-18 16:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2014-07-18 16:15 - 2013-06-25 21:14 - 00000021 _____ () C:\Windows\Model.txt
2014-07-18 16:15 - 2013-06-04 05:01 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-18 16:15 - 2013-06-04 04:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-18 16:15 - 2013-06-04 04:43 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-07-18 16:14 - 2013-06-04 05:53 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayStation Tools
2014-07-18 16:14 - 2013-06-04 05:39 - 00000000 ____D () C:\Program Files\Sony
2014-07-18 16:10 - 2013-06-04 05:01 - 00014938 _____ () C:\Windows\system32\results.xml
2014-07-18 16:08 - 2013-06-04 04:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-07-18 16:04 - 2014-07-18 16:04 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-18 16:04 - 2013-06-04 04:56 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-07-18 16:01 - 2014-07-18 16:01 - 00003800 _____ () C:\Windows\System32\Tasks\VAIO Health Report
2014-07-18 16:01 - 2014-07-18 16:01 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAIO Health Report
2014-07-18 16:00 - 2013-06-04 05:27 - 00000000 ____D () C:\Documentation
2014-07-18 15:53 - 2014-05-25 17:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-18 15:53 - 2011-03-14 22:36 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-18 15:53 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-18 15:53 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-18 15:52 - 2014-07-18 15:52 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-07-18 15:52 - 2013-06-04 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-18 15:51 - 2014-07-18 15:51 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\SystemRequirementsLab
2014-07-18 15:49 - 2013-07-31 19:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-18 15:46 - 2013-06-08 20:36 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-18 14:40 - 2014-07-14 23:51 - 00009021 _____ () C:\Users\kaseycs\Documents\BB Regs.xlsx
2014-07-17 23:39 - 2013-06-04 05:03 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-17 23:34 - 2014-07-17 23:34 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Oracle
2014-07-17 22:53 - 2014-07-17 22:52 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 22:53 - 2014-06-12 16:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-17 22:44 - 2013-06-04 03:31 - 00000000 ____D () C:\Windows\pss
2014-07-17 22:27 - 2013-07-03 22:43 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-17 22:27 - 2013-07-03 22:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-17 22:27 - 2013-07-03 22:43 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-17 22:16 - 2014-07-17 22:16 - 00002215 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-17 22:16 - 2014-07-17 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-17 22:16 - 2013-06-04 12:23 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-17 22:15 - 2014-05-17 11:01 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-17 22:15 - 2014-05-17 11:01 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-17 22:15 - 2013-06-04 12:23 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Deployment
2014-07-17 22:08 - 2014-07-17 19:25 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2014-07-17 22:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-07-17 22:06 - 2014-07-17 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2014-07-17 22:06 - 2013-06-06 21:46 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-17 22:06 - 2013-06-04 05:27 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-07-17 22:06 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-07-17 20:14 - 2014-07-17 19:25 - 00000434 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - kaseycs).job
2014-07-17 19:25 - 2014-07-17 19:25 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\SlimWare Utilities Inc
2014-07-17 19:25 - 2014-07-17 19:25 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2014-07-17 19:10 - 2014-06-01 20:30 - 00000000 ____D () C:\ProgramData\iolo
2014-07-17 17:53 - 2014-07-17 17:52 - 00895120 _____ (Google Inc.) C:\Users\kaseycs\Downloads\ChromeSetup (1).exe
2014-07-17 17:34 - 2014-07-17 17:34 - 00009514 _____ () C:\Windows\system32\bootdelete.lst
2014-07-17 17:34 - 2014-06-17 10:29 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-07-17 17:27 - 2014-07-17 17:27 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Macromedia
2014-07-17 17:21 - 2014-07-17 17:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-17 17:20 - 2014-07-17 17:20 - 00284224 _____ (Mozilla) C:\Users\kaseycs\Downloads\Firefox Setup Stub 30.0.exe
2014-07-17 17:16 - 2011-03-14 22:36 - 00000000 ____D () C:\Windows\ShellNew
2014-07-17 13:58 - 2014-07-17 13:57 - 00000000 ____D () C:\Users\kaseycs\Documents\Paystubs & W-2
2014-07-16 00:02 - 2014-07-16 00:02 - 41232452 _____ () C:\Users\kaseycs\Downloads\khadfield_100intheshade.zip
2014-07-15 20:54 - 2013-06-04 15:34 - 00000000 ____D () C:\Users\kaseycs\Documents\Insight Cable Manuals
2014-07-11 03:02 - 2014-07-17 22:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-17 22:53 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-17 22:53 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-17 22:53 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 13:56 - 2014-07-10 13:56 - 00007618 _____ () C:\Users\kaseycs\AppData\Local\Resmon.ResmonCfg
2014-07-08 15:52 - 2013-06-04 15:35 - 00000000 ____D () C:\Users\kaseycs\Documents\Outlook Files
2014-07-04 11:44 - 2014-07-04 11:44 - 00000000 _____ () C:\Windows\SysWOW64\shoFD38.tmp
2014-07-01 21:15 - 2014-06-18 22:42 - 00011142 _____ () C:\Users\kaseycs\Documents\Garage Sale.xlsx
2014-06-29 22:09 - 2014-07-18 15:43 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 22:04 - 2014-07-18 15:43 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$5f5e8ccbb3d02372bc4b07b41c249e40
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2525507361-3722342168-342951548-1005\$5f5e8ccbb3d02372bc4b07b41c249e40
 
Some content of TEMP:
====================
C:\Users\kaseycs\AppData\Local\Temp\GLF15F5.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF174C.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF18C3.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF19FB.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF37E.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF486A.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF4AFA.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF553.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF5A35.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF5C96.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF5D0.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF7534.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF78DD.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF8FB6.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF9275.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFBB86.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFC7A7.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFDA5C.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFDCFC.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFE055.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFE362.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFF8B5.EXE
C:\Users\kaseycs\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-18 18:38
 
==================== End Of Log ============================

Edited by Kaseycs, 27 July 2014 - 07:45 PM.




#2 Starbuck



  • Malware Response Team

Posted 31 July 2014 - 12:21 PM

Hi Kaseycs and welcome to BC.

Please take note of the following:

1. Please do not run any other tools unless instructed.
2. Please don't install or uninstall anything unless asked.
3. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
4. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
5. Please reply to this thread. Do not start a new topic.


You have quite a serious infection there.
Unfortunately you didn't post the addition.txt report with the main FRST report.

Let's get an up to date set of reports just in case anything has changed.

Please re-run FRST.
  • Make sure that Addition.txt is selected at the bottom
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. (Running from C:\Users\kaseycs\Downloads)
  • Please copy and paste it to your reply.
  • It will also make another log (Addition.txt). Please copy and paste it to your reply also.

In your next reply, please submit:
  • Both reports from FRST


Thanks.



#3 Kaseycs

  • Topic Starter

  • Members

Posted 31 July 2014 - 01:04 PM

Thanks, I am attaching the files you requested.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 01
Ran by kaseycs (administrator) on WESTIE on 31-07-2014 13:56:49
Running from C:\Users\kaseycs\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PSIService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-08-08] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox]  ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2525507361-3722342168-342951548-1005\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-16] (Macrovision Corporation)
HKU\S-1-5-21-2525507361-3722342168-342951548-1005\...\Policies\Explorer: [TaskbarNoThumbnail] 0
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {637870FF-1496-4C52-9FD5-85D8CEBBBF4E} URL = http://search.rr.com/#web/{searchTerms}/1/
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (Pin It Button) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-07-24]
CHR Extension: (MyWebFace) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj [2014-07-28]
CHR Extension: (Google Wallet) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [176624 2014-02-13] (Coupons.com Inc.)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-07-17] (SurfRight B.V.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [174656 2006-11-02] () [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-06-01] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 01
Ran by kaseycs at 2014-07-31 13:58:40
Running from C:\Users\kaseycs\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.10 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.18.51 - Conexant)
Corel Paint Shop Pro X (HKLM-x32\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.10 - Corel Inc)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.166 - Corel Inc.)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
DesignPro 5 (HKLM-x32\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
FaceFilter Studio 2 (HKLM-x32\...\{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}) (Version: 2.0 - Reallusion)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.221 - SurfRight B.V.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Jasc Paint Shop Pro 9 (HKLM-x32\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.01.0000 - Jasc Software Inc)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.4 - DDNi)
OLYMPUS ib (HKLM-x32\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.1.1404 - OLYMPUS IMAGING CORP.)
OLYMPUS ib (x32 Version: 1.1.1404 - OLYMPUS IMAGING CORP.) Hidden
OOBE (x32 Version: 11.2.1.10 - Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (x32 Version: 5.5.02.12220 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.01.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Smilebox (HKCU\...\Smilebox) (Version: 1.0.0.25280 - Smilebox, Inc.)
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VAIO - Media Gallery (x32 Version: 1.5.0.16020 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.5.01.04060 - Sony Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (x32 Version: 4.5.0.03040 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (x32 Version: 5.5.0.03040 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.2.02200 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.4.0.03240 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Help and Support (HKLM-x32\...\{F5248E24-F52C-4FD1-B76F-102460BAFD6B}) (Version: 14.00.0125 - Sony Corporation)
VAIO Improvement (x32 Version: 1.0.0.14150 - Sony Corporation) Hidden
VAIO Manual (x32 Version: 2.0.0.02250 - Sony Corporation) Hidden
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.550.0 - DDNi)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (x32 Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VAIO Transfer Support (x32 Version: 1.4.0.14230 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VoiceZoneConnect (HKLM-x32\...\com.twc.voicezoneconnect) (Version: 1.5.0 - Time Warner Cable Media Inc)
VoiceZoneConnect (x32 Version: 1.5.0 - Time Warner Cable Media Inc) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
19-07-2014 03:34:56 Windows Update
19-07-2014 03:37:47 Restore Operation
19-07-2014 03:46:15 Windows Update
20-07-2014 00:21:10 Windows Update
20-07-2014 00:59:49 Restore Operation
20-07-2014 02:30:48 Revo Uninstaller's restore point - Mozilla Maintenance Service
20-07-2014 02:32:27 Revo Uninstaller's restore point - Mozilla Firefox 30.0 (x86 en-US)
20-07-2014 16:39:32 Revo Uninstaller's restore point - Consumer Input (remove only)
20-07-2014 16:41:39 Revo Uninstaller's restore point - FastMediaConverter
20-07-2014 16:46:01 Checkpoint by HitmanPro
20-07-2014 16:56:31 Installed iTunes
21-07-2014 21:21:14 Checkpoint by HitmanPro
22-07-2014 22:04:35 Windows Update
26-07-2014 03:35:25 Windows Update
26-07-2014 03:56:23 Checkpoint by HitmanPro
27-07-2014 22:03:57 Windows Update
27-07-2014 22:25:43 Checkpoint by HitmanPro
28-07-2014 00:19:07 Restore Operation
28-07-2014 00:30:18 Checkpoint by HitmanPro
29-07-2014 15:51:52 Checkpoint by HitmanPro
31-07-2014 16:25:22 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {058E8C46-75A0-4C3F-A65F-003A240E32B6} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {0DDDF40E-0DF8-4F13-8528-11F849E363C3} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {17C2D14A-856D-4E26-A2F7-244A2CFA5F5C} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {2A79DAB0-424E-42B5-AA2D-1361BDB2A4C9} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {3B21014A-EDA5-4264-8B22-F844A1A6DF07} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {3E3D4391-3EA2-43A1-8B64-427E68B2875F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {44D38AFD-8D3E-4A70-8797-D90110513C74} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4B63AE26-4ED7-4EB1-909B-757726031EEF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-17] (Adobe Systems Incorporated)
Task: {54773E8C-4C93-488B-9B23-BF29E40FCB13} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {757780D9-EB19-4F7E-A847-4EE087F73279} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {7776D7C2-3248-4D58-B660-E7383B3754B0} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {79C1B52A-03AB-40B2-9697-75B3A1FA412F} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {7AC7ED7D-4280-4BAE-8400-2C30860D8907} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8332269E-457F-4DA0-AA77-A0C6159267DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-17] (Google Inc.)
Task: {88625652-AE53-40E3-9F8C-4DB8284B15A0} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {8A29CFB2-B4DF-41FE-80FA-73E42FBF5CF1} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {989CF5EE-206D-4EC4-B84E-DC8117C4BFAF} - System32\Tasks\DDNi Startup => C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {A3A557F2-A562-4B36-9264-404F82FDD1E7} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {A47F868E-751E-4665-9973-563EF1D9D580} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {A77269FF-1088-406B-83B7-985B6A41B571} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {CCA66AAB-83E5-4AF6-B957-769948CF9BA4} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {D3D5F4AE-5445-4864-B757-9731F6F7815A} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {DCA667F5-4304-4EEC-91FA-DB4B70F4B5B6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {E1558AFB-3AAB-4409-AD38-9EC70C371A35} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {E4C07EB9-65EE-47F9-88BA-56D34AFFCFEC} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-21] (Sony Corporation)
Task: {E8E62887-59A8-4FCB-9D0D-73055F3C59AB} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-01-27] (Sony Corporation)
Task: {F362210F-24C0-482F-A658-7C201F0A85BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-17] (Google Inc.)
Task: {FAD845FD-2173-4CFF-BD6C-21675A44C32F} - System32\Tasks\VAIO® Messenger (kaseycs) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {FCD75DC0-F5E9-4C30-AEDE-BF53F5DAFEAA} - System32\Tasks\VAIO® Messenger (Administrator) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - kaseycs).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2006-11-02 20:40 - 2006-11-02 20:40 - 00174656 _____ () C:\Windows\SysWOW64\PSIService.exe
2011-03-29 21:46 - 2011-03-29 04:47 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-04 05:25 - 2011-03-05 19:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-07-17 22:16 - 2014-07-15 05:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-17 22:16 - 2014-07-15 05:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-17 22:16 - 2014-07-15 05:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-17 22:16 - 2014-07-15 05:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-17 22:16 - 2014-07-15 05:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2013-07-03 22:07 - 2013-07-03 02:08 - 00061864 _____ () C:\Program Files (x86)\DDNi\Oasis\OasisCloudModel.dll
2013-07-03 22:07 - 2013-07-03 02:08 - 00018856 _____ () C:\Program Files (x86)\DDNi\Oasis\OasisCloudClient.dll
2014-03-31 13:59 - 2014-03-31 13:59 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2013-06-04 04:49 - 2010-09-13 21:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-07-02 23:06 - 2013-07-02 23:06 - 00039936 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\OasisCloudModel.dll
2013-07-02 23:06 - 2013-07-02 23:06 - 00011264 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\OasisCloudClient.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-07-17 22:16 - 2014-07-15 05:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^kaseycs^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^kaseycs^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^VoiceZoneConnect.lnk => C:\Windows\pss\VoiceZoneConnect.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Apoint => %ProgramFiles%\Apoint\Apoint.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: Olympus ib => "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
MSCONFIG\startupreg: SmileboxTray => "C:\Users\kaseycs\AppData\Roaming\Smilebox\SmileboxTray.exe"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/31/2014 00:06:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vuagent.exe, version: 7.0.0.14270, time stamp: 0x530eaf5a
Faulting module name: wwanapi.dll, version: 6.1.7600.16385, time stamp: 0x4a5be0a8
Exception code: 0xc0000005
Fault offset: 0x0000000000030306
Faulting process id: 0x1430
Faulting application start time: 0xvuagent.exe0
Faulting application path: vuagent.exe1
Faulting module path: vuagent.exe2
Report Id: vuagent.exe3
 
Error: (07/31/2014 00:05:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23235662
 
Error: (07/31/2014 00:05:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 23235662
 
Error: (07/31/2014 00:05:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/31/2014 05:38:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9079
 
Error: (07/31/2014 05:38:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9079
 
Error: (07/31/2014 05:38:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/31/2014 05:38:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8065
 
Error: (07/31/2014 05:38:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8065
 
Error: (07/31/2014 05:38:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (07/31/2014 00:06:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VUAgent service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/31/2014 00:05:34 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}
 
Error: (07/31/2014 05:37:27 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HitmanProScheduler service.
 
Error: (07/31/2014 05:37:27 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (07/30/2014 00:03:59 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}
 
Error: (07/30/2014 06:07:24 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Oasis2Service service.
 
Error: (07/29/2014 11:46:17 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}
 
Error: (07/29/2014 00:18:28 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (07/28/2014 08:25:57 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}
 
Error: (07/28/2014 07:46:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.
 
 
Microsoft Office Sessions:
=========================
Error: (07/31/2014 00:06:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vuagent.exe7.0.0.14270530eaf5awwanapi.dll6.1.7600.163854a5be0a8c00000050000000000030306143001cfab447b18e7c4C:\Program Files\Sony\VAIO Update\vuagent.exeC:\Windows\system32\wwanapi.dll941de686-18cc-11e4-866e-78843ce363bc
 
Error: (07/31/2014 00:05:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23235662
 
Error: (07/31/2014 00:05:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 23235662
 
Error: (07/31/2014 00:05:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/31/2014 05:38:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9079
 
Error: (07/31/2014 05:38:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9079
 
Error: (07/31/2014 05:38:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/31/2014 05:38:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8065
 
Error: (07/31/2014 05:38:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8065
 
Error: (07/31/2014 05:38:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 69%
Total physical RAM: 4043.86 MB
Available physical RAM: 1239.57 MB
Total Pagefile: 8228.9 MB
Available Pagefile: 2877.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:585.63 GB) (Free:486.22 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: DF4E32F8)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=586 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 Starbuck


  • Malware Response Team

Posted 31 July 2014 - 01:48 PM

Hi Kaseycs

The Addition.txt is complete, but the main FRST report seems to have been cut off and is incomplete.
Can you please post the main FRST report again?

Thanks



#5 Kaseycs

  • Topic Starter


Posted 31 July 2014 - 02:38 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 01
Ran by kaseycs (administrator) on WESTIE on 31-07-2014 13:56:49
Running from C:\Users\kaseycs\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PSIService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-08-08] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox]  ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2525507361-3722342168-342951548-1005\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-16] (Macrovision Corporation)
HKU\S-1-5-21-2525507361-3722342168-342951548-1005\...\Policies\Explorer: [TaskbarNoThumbnail] 0
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {637870FF-1496-4C52-9FD5-85D8CEBBBF4E} URL = http://search.rr.com/#web/{searchTerms}/1/
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (Pin It Button) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-07-24]
CHR Extension: (MyWebFace) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj [2014-07-28]
CHR Extension: (Google Wallet) - C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [176624 2014-02-13] (Coupons.com Inc.)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-07-17] (SurfRight B.V.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [174656 2006-11-02] () [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-06-01] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-07-31 13:56 - 2014-07-31 13:56 - 02094080 _____ (Farbar) C:\Users\kaseycs\Downloads\FRST64.exe
2014-07-30 19:31 - 2014-07-30 19:31 - 00000165 ____H () C:\Users\kaseycs\Documents\~$BB Regs.xlsx
2014-07-27 20:14 - 2014-07-27 20:14 - 00002972 _____ () C:\Users\kaseycs\Downloads\HitmanPro_17990716_2132.log
2014-07-27 20:03 - 2014-07-27 20:22 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-27 19:09 - 2014-07-27 19:09 - 00001219 _____ () C:\Users\kaseycs\Desktop\JRT.txt
2014-07-27 19:00 - 2014-07-27 19:01 - 00045249 _____ () C:\Users\kaseycs\Downloads\Addition.txt
2014-07-27 18:59 - 2014-07-31 13:57 - 00016949 _____ () C:\Users\kaseycs\Downloads\FRST.txt
2014-07-27 18:58 - 2014-07-31 13:56 - 00000000 ____D () C:\FRST
2014-07-27 18:50 - 2014-07-27 18:50 - 00003777 _____ () C:\Users\kaseycs\Desktop\Malware.txt
2014-07-27 18:37 - 2014-07-27 20:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-27 18:37 - 2014-07-27 18:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 18:30 - 2014-07-27 18:33 - 00000000 ____D () C:\AdwCleaner
2014-07-27 18:03 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-27 18:03 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-27 18:03 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-27 18:03 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-27 18:03 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-27 18:03 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-27 18:03 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-27 18:03 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-27 18:03 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-27 18:03 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-27 18:03 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-27 18:03 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-27 18:03 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-27 18:03 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-27 18:03 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-27 18:03 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-27 18:03 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-27 18:03 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-27 18:03 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-27 18:03 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 18:03 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-27 18:03 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-27 18:03 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-27 18:03 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-27 18:03 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-27 18:03 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-27 18:03 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-27 18:03 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-27 18:03 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-27 18:03 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-27 18:03 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-27 18:03 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-27 18:03 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-27 18:03 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-27 18:03 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-27 18:03 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-27 18:03 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-27 18:03 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-27 18:03 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-27 18:03 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-27 18:03 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-27 18:03 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-27 18:03 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-27 18:03 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-27 18:03 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-27 18:03 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-27 18:03 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-27 18:03 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-27 18:03 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-27 18:03 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-27 18:03 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-27 18:03 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-27 18:03 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-27 18:03 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-27 18:03 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-27 18:03 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-27 12:01 - 2014-07-27 12:01 - 00456776 _____ () C:\Users\kaseycs\Downloads\ShopAtHome_AppCore_7127_C40080369_D1_R1032683_B3 (1).exe
2014-07-27 12:01 - 2014-07-27 12:01 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Windows
2014-07-27 12:00 - 2014-07-27 12:01 - 00456776 _____ () C:\Users\kaseycs\Downloads\ShopAtHome_AppCore_7127_C40080369_D1_R1032683_B3.exe
2014-07-25 23:49 - 2014-07-25 23:49 - 00000000 _____ () C:\Windows\SysWOW64\shoA8DF.tmp
2014-07-21 17:13 - 2014-07-21 17:13 - 00004168 _____ () C:\Windows\PFRO.log
2014-07-20 12:58 - 2014-07-26 23:00 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Apple Computer
2014-07-20 12:58 - 2014-07-20 12:58 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Apple Computer
2014-07-20 12:57 - 2014-07-20 12:57 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files\iTunes
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files\iPod
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-20 12:57 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-07-20 12:56 - 2014-07-20 12:56 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-20 12:55 - 2014-07-20 12:56 - 00000000 ____D () C:\ProgramData\Apple
2014-07-20 12:54 - 2014-07-20 12:55 - 113509200 _____ (Apple Inc.) C:\Users\kaseycs\Downloads\iTunes64Setup.exe
2014-07-20 12:52 - 2014-07-20 12:53 - 111992144 _____ (Apple Inc.) C:\Users\kaseycs\Downloads\iTunesSetup.exe
2014-07-20 12:36 - 2014-07-20 12:36 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\iConvertor
2014-07-20 12:34 - 2014-07-20 12:38 - 00000396 __RSH () C:\ProgramData\ntuser.pol
2014-07-20 12:33 - 2014-07-20 12:33 - 00613896 _____ () C:\Users\kaseycs\Downloads\setup (2).exe
2014-07-18 23:54 - 2014-07-18 23:54 - 00001413 _____ () C:\Users\kaseycs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-18 23:47 - 2014-07-18 23:52 - 00007583 _____ () C:\Windows\IE11_main.log
2014-07-18 19:11 - 2014-07-18 19:11 - 00284224 _____ (Mozilla) C:\Users\kaseycs\Downloads\Firefox Setup Stub 30.0 (1).exe
2014-07-18 17:48 - 2014-07-29 11:45 - 00000784 _____ () C:\Windows\setupact.log
2014-07-18 17:48 - 2014-07-18 17:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-18 16:15 - 2014-07-18 16:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2014-07-18 16:04 - 2014-07-18 16:04 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-18 16:04 - 2012-03-12 00:08 - 09888872 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll
2014-07-18 16:04 - 2012-03-12 00:08 - 00340072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2014-07-18 16:01 - 2014-07-18 16:01 - 00003800 _____ () C:\Windows\System32\Tasks\VAIO Health Report
2014-07-18 16:01 - 2014-07-18 16:01 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAIO Health Report
2014-07-18 15:52 - 2014-07-18 15:52 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-07-18 15:51 - 2014-07-18 15:51 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\SystemRequirementsLab
2014-07-18 15:43 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-18 15:43 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-18 15:43 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-18 15:43 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-18 15:43 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-18 15:42 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-18 15:42 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-18 15:42 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-18 15:42 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-18 15:42 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-18 15:41 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-18 15:41 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-18 15:41 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-17 23:34 - 2014-07-17 23:34 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Oracle
2014-07-17 22:53 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-17 22:53 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-17 22:53 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-17 22:53 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-17 22:52 - 2014-07-17 22:53 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 22:16 - 2014-07-17 22:16 - 00002215 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-17 22:16 - 2014-07-17 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-17 22:09 - 2014-07-18 17:22 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Adobe
2014-07-17 19:25 - 2014-07-17 22:08 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2014-07-17 19:25 - 2014-07-17 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2014-07-17 19:25 - 2014-07-17 20:14 - 00000434 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - kaseycs).job
2014-07-17 19:25 - 2014-07-17 19:25 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\SlimWare Utilities Inc
2014-07-17 19:25 - 2014-07-17 19:25 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2014-07-17 17:52 - 2014-07-17 17:53 - 00895120 _____ (Google Inc.) C:\Users\kaseycs\Downloads\ChromeSetup (1).exe
2014-07-17 17:34 - 2014-07-17 17:34 - 00009514 _____ () C:\Windows\system32\bootdelete.lst
2014-07-17 17:27 - 2014-07-17 17:27 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Macromedia
2014-07-17 17:21 - 2014-07-19 21:02 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Mozilla
2014-07-17 17:21 - 2014-07-19 21:02 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Mozilla
2014-07-17 17:21 - 2014-07-17 17:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-17 17:20 - 2014-07-17 17:20 - 00284224 _____ (Mozilla) C:\Users\kaseycs\Downloads\Firefox Setup Stub 30.0.exe
2014-07-17 13:57 - 2014-07-17 13:58 - 00000000 ____D () C:\Users\kaseycs\Documents\Paystubs & W-2
2014-07-16 00:02 - 2014-07-16 00:02 - 41232452 _____ () C:\Users\kaseycs\Downloads\khadfield_100intheshade.zip
2014-07-14 23:51 - 2014-07-31 12:52 - 00009073 _____ () C:\Users\kaseycs\Documents\BB Regs.xlsx
2014-07-10 13:56 - 2014-07-10 13:56 - 00007618 _____ () C:\Users\kaseycs\AppData\Local\Resmon.ResmonCfg
2014-07-04 11:44 - 2014-07-04 11:44 - 00000000 _____ () C:\Windows\SysWOW64\shoFD38.tmp
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-07-31 13:57 - 2014-07-27 18:59 - 00016949 _____ () C:\Users\kaseycs\Downloads\FRST.txt
2014-07-31 13:56 - 2014-07-31 13:56 - 02094080 _____ (Farbar) C:\Users\kaseycs\Downloads\FRST64.exe
2014-07-31 13:56 - 2014-07-27 18:58 - 00000000 ____D () C:\FRST
2014-07-31 13:47 - 2013-06-04 04:47 - 01890788 _____ () C:\Windows\WindowsUpdate.log
2014-07-31 13:27 - 2013-07-03 22:43 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-31 13:20 - 2014-05-17 11:01 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-31 12:52 - 2014-07-14 23:51 - 00009073 _____ () C:\Users\kaseycs\Documents\BB Regs.xlsx
2014-07-31 12:52 - 2014-05-17 10:36 - 00027136 _____ () C:\Users\kaseycs\Documents\My passwords Excel.xls
2014-07-30 22:20 - 2014-05-17 11:01 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-30 22:01 - 2013-06-04 15:37 - 00000000 ____D () C:\Users\kaseycs\Documents\Television Schedules
2014-07-30 21:53 - 2013-06-04 04:11 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2D4A72BE-3A6F-444F-8257-0A9BCAA49F7B}
2014-07-30 19:31 - 2014-07-30 19:31 - 00000165 ____H () C:\Users\kaseycs\Documents\~$BB Regs.xlsx
2014-07-29 11:53 - 2009-07-14 00:45 - 00030496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-29 11:53 - 2009-07-14 00:45 - 00030496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-29 11:45 - 2014-07-18 17:48 - 00000784 _____ () C:\Windows\setupact.log
2014-07-29 11:45 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-28 11:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-07-27 20:23 - 2013-06-04 03:31 - 00000000 ____D () C:\Users\kaseycs
2014-07-27 20:22 - 2014-07-27 20:03 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-27 20:22 - 2014-07-27 18:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-27 20:22 - 2013-11-14 20:17 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-07-27 20:22 - 2013-07-03 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Messenger
2014-07-27 20:22 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-07-27 20:14 - 2014-07-27 20:14 - 00002972 _____ () C:\Users\kaseycs\Downloads\HitmanPro_17990716_2132.log
2014-07-27 19:09 - 2014-07-27 19:09 - 00001219 _____ () C:\Users\kaseycs\Desktop\JRT.txt
2014-07-27 19:01 - 2014-07-27 19:00 - 00045249 _____ () C:\Users\kaseycs\Downloads\Addition.txt
2014-07-27 18:50 - 2014-07-27 18:50 - 00003777 _____ () C:\Users\kaseycs\Desktop\Malware.txt
2014-07-27 18:37 - 2014-07-27 18:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 18:33 - 2014-07-27 18:30 - 00000000 ____D () C:\AdwCleaner
2014-07-27 18:16 - 2013-06-06 13:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 18:16 - 2013-06-06 13:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 18:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-27 18:08 - 2013-06-06 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-27 17:43 - 2014-05-25 15:37 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Epson
2014-07-27 17:43 - 2014-05-25 15:31 - 00000000 ____D () C:\ProgramData\EPSON
2014-07-27 12:01 - 2014-07-27 12:01 - 00456776 _____ () C:\Users\kaseycs\Downloads\ShopAtHome_AppCore_7127_C40080369_D1_R1032683_B3 (1).exe
2014-07-27 12:01 - 2014-07-27 12:01 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Windows
2014-07-27 12:01 - 2014-07-27 12:00 - 00456776 _____ () C:\Users\kaseycs\Downloads\ShopAtHome_AppCore_7127_C40080369_D1_R1032683_B3.exe
2014-07-26 23:00 - 2014-07-20 12:58 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Apple Computer
2014-07-25 23:49 - 2014-07-25 23:49 - 00000000 _____ () C:\Windows\SysWOW64\shoA8DF.tmp
2014-07-25 23:47 - 2013-06-04 15:34 - 00000000 ____D () C:\Users\kaseycs\Documents\Book Stuff
2014-07-22 22:19 - 2013-06-04 15:35 - 00000000 ____D () C:\Users\kaseycs\Documents\My PSP Files
2014-07-21 17:13 - 2014-07-21 17:13 - 00004168 _____ () C:\Windows\PFRO.log
2014-07-20 12:58 - 2014-07-20 12:58 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Apple Computer
2014-07-20 12:57 - 2014-07-20 12:57 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files\iTunes
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files\iPod
2014-07-20 12:57 - 2014-07-20 12:57 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-20 12:56 - 2014-07-20 12:56 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-20 12:56 - 2014-07-20 12:56 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-20 12:56 - 2014-07-20 12:55 - 00000000 ____D () C:\ProgramData\Apple
2014-07-20 12:55 - 2014-07-20 12:54 - 113509200 _____ (Apple Inc.) C:\Users\kaseycs\Downloads\iTunes64Setup.exe
2014-07-20 12:53 - 2014-07-20 12:52 - 111992144 _____ (Apple Inc.) C:\Users\kaseycs\Downloads\iTunesSetup.exe
2014-07-20 12:38 - 2014-07-20 12:34 - 00000396 __RSH () C:\ProgramData\ntuser.pol
2014-07-20 12:36 - 2014-07-20 12:36 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\iConvertor
2014-07-20 12:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-20 12:33 - 2014-07-20 12:33 - 00613896 _____ () C:\Users\kaseycs\Downloads\setup (2).exe
2014-07-19 21:02 - 2014-07-17 17:21 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Mozilla
2014-07-19 21:02 - 2014-07-17 17:21 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Mozilla
2014-07-19 21:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-19 11:26 - 2009-07-14 01:08 - 00032652 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-18 23:54 - 2014-07-18 23:54 - 00001413 _____ () C:\Users\kaseycs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-18 23:54 - 2011-02-10 18:48 - 00000000 ____D () C:\Windows\Panther
2014-07-18 23:52 - 2014-07-18 23:47 - 00007583 _____ () C:\Windows\IE11_main.log
2014-07-18 22:35 - 2014-06-01 20:30 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\iolo
2014-07-18 19:11 - 2014-07-18 19:11 - 00284224 _____ (Mozilla) C:\Users\kaseycs\Downloads\Firefox Setup Stub 30.0 (1).exe
2014-07-18 17:48 - 2014-07-18 17:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-18 17:46 - 2013-07-31 18:18 - 00000000 ____D () C:\Windows\Minidump
2014-07-18 17:35 - 2009-07-14 00:45 - 05975632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-18 17:22 - 2014-07-17 22:09 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Adobe
2014-07-18 16:16 - 2013-06-25 20:31 - 00000000 ____D () C:\Update
2014-07-18 16:15 - 2014-07-18 16:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2014-07-18 16:15 - 2013-06-25 21:14 - 00000021 _____ () C:\Windows\Model.txt
2014-07-18 16:15 - 2013-06-04 05:01 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-18 16:15 - 2013-06-04 04:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-18 16:15 - 2013-06-04 04:43 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-07-18 16:14 - 2013-06-04 05:53 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayStation Tools
2014-07-18 16:14 - 2013-06-04 05:39 - 00000000 ____D () C:\Program Files\Sony
2014-07-18 16:10 - 2013-06-04 05:01 - 00014938 _____ () C:\Windows\system32\results.xml
2014-07-18 16:08 - 2013-06-04 04:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-07-18 16:04 - 2014-07-18 16:04 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-18 16:04 - 2013-06-04 04:56 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-07-18 16:01 - 2014-07-18 16:01 - 00003800 _____ () C:\Windows\System32\Tasks\VAIO Health Report
2014-07-18 16:01 - 2014-07-18 16:01 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAIO Health Report
2014-07-18 16:00 - 2013-06-04 05:27 - 00000000 ____D () C:\Documentation
2014-07-18 15:53 - 2014-05-25 17:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-18 15:53 - 2011-03-14 22:36 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-18 15:53 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-18 15:53 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-18 15:52 - 2014-07-18 15:52 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-07-18 15:52 - 2013-06-04 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-18 15:51 - 2014-07-18 15:51 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\SystemRequirementsLab
2014-07-18 15:49 - 2013-07-31 19:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-18 15:46 - 2013-06-08 20:36 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-17 23:39 - 2013-06-04 05:03 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-17 23:34 - 2014-07-17 23:34 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\Oracle
2014-07-17 22:53 - 2014-07-17 22:52 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 22:53 - 2014-06-12 16:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-17 22:44 - 2013-06-04 03:31 - 00000000 ____D () C:\Windows\pss
2014-07-17 22:27 - 2013-07-03 22:43 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-17 22:27 - 2013-07-03 22:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-17 22:27 - 2013-07-03 22:43 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-17 22:16 - 2014-07-17 22:16 - 00002215 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-17 22:16 - 2014-07-17 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-17 22:16 - 2013-06-04 12:23 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-17 22:15 - 2014-05-17 11:01 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-17 22:15 - 2014-05-17 11:01 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-17 22:15 - 2013-06-04 12:23 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Deployment
2014-07-17 22:08 - 2014-07-17 19:25 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2014-07-17 22:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-07-17 22:06 - 2014-07-17 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2014-07-17 22:06 - 2013-06-06 21:46 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-17 22:06 - 2013-06-04 05:27 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-07-17 22:06 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-07-17 20:14 - 2014-07-17 19:25 - 00000434 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - kaseycs).job
2014-07-17 19:25 - 2014-07-17 19:25 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\SlimWare Utilities Inc
2014-07-17 19:25 - 2014-07-17 19:25 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2014-07-17 19:10 - 2014-06-01 20:30 - 00000000 ____D () C:\ProgramData\iolo
2014-07-17 17:53 - 2014-07-17 17:52 - 00895120 _____ (Google Inc.) C:\Users\kaseycs\Downloads\ChromeSetup (1).exe
2014-07-17 17:34 - 2014-07-17 17:34 - 00009514 _____ () C:\Windows\system32\bootdelete.lst
2014-07-17 17:34 - 2014-06-17 10:29 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-07-17 17:27 - 2014-07-17 17:27 - 00000000 ____D () C:\Users\kaseycs\AppData\Local\Macromedia
2014-07-17 17:21 - 2014-07-17 17:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-17 17:20 - 2014-07-17 17:20 - 00284224 _____ (Mozilla) C:\Users\kaseycs\Downloads\Firefox Setup Stub 30.0.exe
2014-07-17 17:16 - 2011-03-14 22:36 - 00000000 ____D () C:\Windows\ShellNew
2014-07-17 13:58 - 2014-07-17 13:57 - 00000000 ____D () C:\Users\kaseycs\Documents\Paystubs & W-2
2014-07-16 00:02 - 2014-07-16 00:02 - 41232452 _____ () C:\Users\kaseycs\Downloads\khadfield_100intheshade.zip
2014-07-15 20:54 - 2013-06-04 15:34 - 00000000 ____D () C:\Users\kaseycs\Documents\Insight Cable Manuals
2014-07-11 03:02 - 2014-07-17 22:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-17 22:53 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-17 22:53 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-17 22:53 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 13:56 - 2014-07-10 13:56 - 00007618 _____ () C:\Users\kaseycs\AppData\Local\Resmon.ResmonCfg
2014-07-08 15:52 - 2013-06-04 15:35 - 00000000 ____D () C:\Users\kaseycs\Documents\Outlook Files
2014-07-04 11:44 - 2014-07-04 11:44 - 00000000 _____ () C:\Windows\SysWOW64\shoFD38.tmp
2014-07-01 21:15 - 2014-06-18 22:42 - 00011142 _____ () C:\Users\kaseycs\Documents\Garage Sale.xlsx
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$5f5e8ccbb3d02372bc4b07b41c249e40
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2525507361-3722342168-342951548-1005\$5f5e8ccbb3d02372bc4b07b41c249e40
 
Some content of TEMP:
====================
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-28 01:59
 
==================== End Of Log ============================


#6 Starbuck


Posted 31 July 2014 - 03:41 PM

Hi Kaseycs

Why would you stop your Anti Virus program from running at startup?

MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

Please re-enable this again.
Click Start >> type into search box msconfig
Under the Program section click on msconfig.
Click the Startup tab and re-enable msseces.exe


Step 1
Please download the attached fixlist.txt file (bottom of this post) and save it to C:\Users\kaseycs\Downloads.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system.


Re-run FRST/FRST64 (whichever is installed) and press the Fix button just once and wait.


The tool will make a log in the Download folder (Fixlog.txt). Please post this in your next reply.


Step 2
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 8 Update 11 and save it to your desktop.
  • Scroll down to where it says "Java SE 8 Update 11".
  • Click the "Download JRE" button.
  • Accept the license agreement.
  • Select 'Windows x64.exe' from the list.
  • Save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
    .
    Java 7 Update 60
    .
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the downloaded icon to install the newest version.


Step 3
  • Download Malwarebytes Anti-Malware Free and save it to your desktop
  • Double click the desktop icon, click Run, then OK
  • Click Next
  • Select I accept the agreement then continue to click Next then finally click Install
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program. (I recommend that you UNtick this option.)
  • Click Finish
  • If you are notified the Database is out of date click Update Now

  • Click Scan Now >>
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
.

(Copy to clipboard for pasting into forum replies)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab >> Application Logs.

  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'

  • Paste the contents of the clipboard into your reply.
In your next reply, please submit:
Fixlog.txt
MBAM scan report


Thanks.

Attached Files


Edited by Starbuck, 31 July 2014 - 03:44 PM.



#7 Kaseycs


Posted 31 July 2014 - 05:15 PM

 Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 7/31/2014
Scan Time: 5:46:06 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.31.08
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: kaseycs
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 306526
Time Elapsed: 13 min, 54 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 3
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\Updater By SweetPacks, Quarantined, [247d524e215a0d29a7ea1bf96f959d63], 
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\WOW6432NODE\Updater By SweetPacks, Quarantined, [adf490107efd80b6424fe03432d224dc], 
PUP.Optional.ReMarkable.A, HKU\S-1-5-21-2525507361-3722342168-342951548-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Re_Markable, Quarantined, [cbd608985922b77f01d8806bca38bd43], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 85
 
Files: 202
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\embedhtml\background\embedHtmlWidget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\embedhtml\html\embedHtmlTemplate.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\embedhtml\js\embedHtmlUI.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\embedscript\background\embedScriptWidget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\embedscript\html\embedScriptTemplate.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\embedscript\js\embedScriptUI.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\flare\background\FlareWidget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\flare\icons\Icon_Flare_blue.png, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\flare\icons\Icon_Flare_pink.png, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\flare\icons\Thumbs.db, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\generic\background\GenericWidget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\link\background\linkButton.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\menu\README.txt, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\menu\background\menuButton.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\menu\css\menuframe.css, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\menu\html\menuframe.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\menu\images\right_arrow.png, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\menu\images\right_arrow_white.png, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\menu\js\jquery-1.7.1.min.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\menu\js\menuframe.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\menu\js\query-string.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\menu\js\underscore-1.3.1.min.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\rss\background\RssWidget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\thirdparty\background\thirdPartyWidget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\uninstall\background\uninstallButton.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\components\weather\background\weatherButton.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\blacklistService.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\common.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\dynamic.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\enableDetect.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\eventListening.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\global.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\jquery-1.7.1.min.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\list-interaction.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\messageEventListener.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\navRedirector.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\paramReplacer.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\PartnerId.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\set.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\underscore-1.3.1.min.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\underscore-1.5.2.min.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\js\unifiedLogging.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widget-context-1.0.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\common\common.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\common\eventListening.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\common\list-interaction.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\common\set.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\radio\radio-widget.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\radio\css\radio-widget.css, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\radio\js\radio-custom.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\radio\js\radio-parser.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\radio\js\radio-widget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\rss\rssWidget.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\rss\js\rss-widget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\test\invalid.json, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\test\jquery.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\test\qunit.css, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\test\qunit.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\test\resource.json, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\test\resource.xml, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\test\testWidget.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\test\testWidget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\topapps\widget.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\topapps\css\widget.css, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\topapps\js\topapps-config.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\topapps\js\widget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\weather\weatherButton.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\weather\css\weatherButton.css, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\common\widget-api\widgets\weather\js\weather.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\api\background\ApiBasedWidget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\api\background\widget-api-impl.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\api\window\hiddenWidgetWindow.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\api\window\hiddenWidgetWindow.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\api\window\hiddenWidgetWindowInit.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\api\window\widgetWindow.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\api\window\widgetWindow.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\background\updateSearch.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\background\updateSearchPromptBg.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\foreground\07_buttons2.png, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\foreground\08_buttons2.png, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\foreground\defaultSearchModal.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\foreground\tvf_btn_ok.png, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\foreground\tvf_btn_ok2.png, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\foreground\tvf_restart_icon.png, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\defaultSearch\foreground\updateSearchPromptFg.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\moviereviews\background\MovieReviewsWidget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\moviereviews\css\movieReviews.css, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\moviereviews\html\movieReviews.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\moviereviews\js\movieReviews.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\radio\background\RadioWidget.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\radio\css\toolbar-item.css, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\radio\foreground\button.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\radio\radioWrapper\radioWrapper.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\radio\radioWrapper\radioWrapper.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\search\background\searchBox.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\search\html\searchSuggestions.css, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\search\html\searchSuggestions.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\search\html\searchSuggestions.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\search\html\searchSuggestionsInit.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\supertab\css\supertab.css, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\supertab\html\supertab.html, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\supertab\js\newtabfork.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
PUP.Optional.MindSpark.A, C:\Users\kaseycs\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj\10.82.4.29509_0\components\supertab\js\reporting.js, Quarantined, [7b26d1cfb7c40234eb0f912640c2fe02], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
I cannot find a way to attach the FIXLOG File so I am copying and pasting below
 
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-07-2014 02
Ran by kaseycs at 2014-07-31 17:20:21 Run:1
Running from C:\Users\kaseycs\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
HKLM-x32\...\Run: [] => [X]
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox]  ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2525507361-3722342168-342951548-1005\...\Policies\Explorer: [TaskbarNoThumbnail] 0
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {637870FF-1496-4C52-9FD5-85D8CEBBBF4E} URL = http://search.rr.com/#web/{searchTerms}/1/
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [176624 2014-02-13] (Coupons.com Inc.)
2014-07-25 23:49 - 2014-07-25 23:49 - 00000000 _____ () C:\Windows\SysWOW64\shoA8DF.tmp
2014-07-04 11:44 - 2014-07-04 11:44 - 00000000 _____ () C:\Windows\SysWOW64\shoFD38.tmp
2014-07-27 20:22 - 2013-11-14 20:17 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-07-18 22:35 - 2014-06-01 20:30 - 00000000 ____D () C:\Users\kaseycs\AppData\Roaming\iolo
2014-07-17 19:10 - 2014-06-01 20:30 - 00000000 ____D () C:\ProgramData\iolo
C:\$Recycle.Bin\S-1-5-18\$5f5e8ccbb3d02372bc4b07b41c249e40
C:\$Recycle.Bin\S-1-5-21-2525507361-3722342168-342951548-1005\$5f5e8ccbb3d02372bc4b07b41c249e40
C:\Users\kaseycs\AppData\Local\Temp\GLF15F5.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF174C.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF18C3.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF19FB.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF37E.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF486A.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF4AFA.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF553.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF5A35.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF5C96.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF5D0.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF7534.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF78DD.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF8FB6.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLF9275.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFBB86.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFC7A7.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFDA5C.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFDCFC.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFE055.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFE362.EXE
C:\Users\kaseycs\AppData\Local\Temp\GLFF8B5.EXE
C:\Users\kaseycs\AppData\Local\Temp\nsa4E80.exe
C:\Users\kaseycs\AppData\Local\Temp\nsf546A.exe
C:\Users\kaseycs\AppData\Local\Temp\nsl8415.exe
C:\Users\kaseycs\AppData\Local\Temp\nsm7800.exe
C:\Users\kaseycs\AppData\Local\Temp\nsq8AE9.exe
Task: {88625652-AE53-40E3-9F8C-4DB8284B15A0} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
C:\Program Files (x86)\Desk 365
Hosts:
CMD: ipconfig /flushdns
Reboot:
 
 
 
 
 
 
 
*****************
 
[8136] C:\Program Files (x86)\Coupons\CouponPrinterService.exe => Process closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
HKU\S-1-5-21-2525507361-3722342168-342951548-1005\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoThumbnail => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key deleted successfully.
"HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{637870FF-1496-4C52-9FD5-85D8CEBBBF4E}" => Key deleted successfully.
"HKCR\CLSID\{637870FF-1496-4C52-9FD5-85D8CEBBBF4E}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
"HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin" => Key deleted successfully.
C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
CouponPrinterService => Service stopped successfully.
CouponPrinterService => Service deleted successfully.
C:\Windows\SysWOW64\shoA8DF.tmp => Moved successfully.
C:\Windows\SysWOW64\shoFD38.tmp => Moved successfully.
C:\Program Files (x86)\Coupons => Moved successfully.
C:\Users\kaseycs\AppData\Roaming\iolo => Moved successfully.
C:\ProgramData\iolo => Moved successfully.
C:\$Recycle.Bin\S-1-5-18\$5f5e8ccbb3d02372bc4b07b41c249e40 => Moved successfully.
C:\$Recycle.Bin\S-1-5-21-2525507361-3722342168-342951548-1005\$5f5e8ccbb3d02372bc4b07b41c249e40 => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF15F5.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF174C.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF18C3.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF19FB.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF37E.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF486A.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF4AFA.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF553.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF5A35.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF5C96.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF5D0.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF7534.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF78DD.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF8FB6.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLF9275.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLFBB86.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLFC7A7.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLFDA5C.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLFDCFC.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLFE055.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLFE362.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\GLFF8B5.EXE => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\nsa4E80.exe => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\nsf546A.exe => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\nsl8415.exe => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\nsm7800.exe => Moved successfully.
C:\Users\kaseycs\AppData\Local\Temp\nsq8AE9.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88625652-AE53-40E3-9F8C-4DB8284B15A0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88625652-AE53-40E3-9F8C-4DB8284B15A0}" => Key deleted successfully.
C:\Windows\System32\Tasks\Desk 365 RunAsStdUser => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser" => Key deleted successfully.
"C:\Program Files (x86)\Desk 365" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#8 Starbuck

  • Malware Response Team

Posted 31 July 2014 - 05:40 PM

Hi Kaseycs
 

I cannot find a way to attach the FIXLOG File so I am copying and pasting below

That is fine..... I prefer the reports copy/paste :)

Ok, things are beginning to look a lot better.

Step 1
Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista/Win7, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
Step 2
Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2


This is an example; you may rename ComboFix to anything you want. Then:

Vista/Windows 7 users: right-click on Combo-Fix.exe and select Run As Administrator.
  • Please follow any prompts.
  • Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Thanks



#9 Kaseycs

  • Topic Starter


Posted 31 July 2014 - 07:24 PM

Here is the Combo Log

 

ComboFix 14-07-31.02 - kaseycs 07/31/2014  20:01:28.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.4044.1782 [GMT -4:00]
Running from: C:\Users\kaseycs\Desktop\Combo35K.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
 
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
 
 
C:\Users\kaseycs\AppData\Roaming\windows
 
 
(((((((((((((((((((((((((   Files Created from 2014-07-01 to 2014-08-01  )))))))))))))))))))))))))))))))
 
 
2014-08-01 00:11:20 . 2014-08-01 00:11:20 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-07-31 21:45:13 . 2014-07-31 22:03:15 122584 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-07-31 21:44:52 . 2014-05-12 11:26:10 63704 ----a-w- C:\Windows\system32\drivers\mwac.sys
2014-07-31 21:44:52 . 2014-05-12 11:26:00 91352 ----a-w- C:\Windows\system32\drivers\mbamchameleon.sys
2014-07-27 22:37:06 . 2014-07-27 22:37:06 -------- d-----w- C:\ProgramData\Malwarebytes
2014-07-27 22:30:58 . 2014-07-27 22:33:13 -------- d-----w- C:\AdwCleaner
2014-07-20 16:58:01 . 2014-07-27 03:00:49 -------- d-----w- C:\Users\kaseycs\AppData\Roaming\Apple Computer
2014-07-20 16:58:01 . 2014-07-20 16:58:01 -------- d-----w- C:\Users\kaseycs\AppData\Local\Apple Computer
2014-07-20 16:55:48 . 2014-07-20 16:56:22 -------- d-----w- C:\ProgramData\Apple
2014-07-20 16:36:44 . 2014-07-20 16:36:44 -------- d-----w- C:\Users\kaseycs\AppData\Local\iConvertor
2014-07-18 20:04:26 . 2012-03-12 04:08:08 340072 ----a-w- C:\Windows\system32\drivers\RtsPStor.sys
2014-07-18 20:04:20 . 2012-03-12 04:08:18 9888872 ----a-w- C:\Windows\SysWow64\RtsPStorIcon.dll
2014-07-18 20:04:17 . 2014-07-18 20:04:17 -------- d-----w- C:\Program Files (x86)\Realtek
2014-07-18 19:52:14 . 2014-07-18 19:52:15 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2014-07-18 19:51:51 . 2014-07-18 19:51:51 -------- d-----w- C:\Users\kaseycs\AppData\Roaming\SystemRequirementsLab
2014-07-18 19:42:46 . 2014-06-06 10:10:34 624128 ----a-w- C:\Windows\system32\qedit.dll
2014-07-18 19:41:12 . 2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\system32\lsasrv.dll
2014-07-18 19:41:12 . 2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-07-18 19:41:12 . 2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-07-18 03:34:11 . 2014-07-18 03:34:11 -------- d-----w- C:\Users\kaseycs\AppData\Roaming\Oracle
2014-07-18 02:09:53 . 2014-07-18 21:22:04 -------- d-----w- C:\Users\kaseycs\AppData\Local\Adobe
2014-07-17 23:25:43 . 2014-07-17 23:25:43 -------- d-----w- C:\Users\kaseycs\AppData\Local\SlimWare Utilities Inc
2014-07-17 23:25:31 . 2014-07-17 23:25:31 -------- d-----w- C:\ProgramData\SlimWare Utilities Inc
2014-07-17 23:25:30 . 2014-07-18 02:08:18 -------- d-----w- C:\Program Files\SlimCleaner Plus
2014-07-17 21:27:01 . 2014-07-17 21:27:01 -------- d-----w- C:\Users\kaseycs\AppData\Local\Macromedia
2014-07-17 21:21:50 . 2014-07-20 01:02:04 -------- d-----w- C:\Users\kaseycs\AppData\Local\Mozilla
2014-07-17 20:58:51 . 2014-07-17 20:58:51 -------- d-----w- C:\Users\kaseycs\AppData\Local\Programs
.
 
 
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
 
2014-07-18 19:46:50 . 2013-06-09 00:36:07 96441528 ----a-w- C:\Windows\system32\MRT.exe
2014-07-18 02:27:11 . 2013-07-04 02:43:40 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-18 02:27:11 . 2013-07-04 02:43:40 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-17 21:34:47 . 2014-06-17 14:29:16 12872 ----a-w- C:\Windows\system32\bootdelete.exe
2014-06-02 00:30:41 . 2014-06-02 00:30:41 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll
2014-06-02 00:29:43 . 2014-06-02 00:30:46 13792 ----a-w- C:\Windows\system32\drivers\semav6thermal64ro.sys
2014-05-23 23:27:57 . 2014-05-19 21:56:48 444912 ----a-w- C:\Windows\CouponPrinter.ocx
2014-05-23 23:27:56 . 2014-05-19 21:58:20 659440 ----a-w- C:\Windows\couponprinter_x64.ocx
2014-05-08 09:32:11 . 2014-06-17 03:34:39 3178496 ----a-w- C:\Windows\system32\rdpcorets.dll
2014-05-08 09:32:11 . 2014-06-17 03:34:39 16384 ----a-w- C:\Windows\system32\RdpGroupPolicyExtension.dll
 
 
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
 
 
*Note* empty entries & legit default entries are not shown 
REGEDIT4
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 15:58:18 213936]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 01:32:30 283160]
"ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 18:47:02 2757312]
"PMBVolumeWatcher"="c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-27 07:55:42 648032]
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 12:49:56 152392]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-06-17 01:27:12 224128]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk *\0bootdelete
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 DCDhcpService;DCDhcpService;C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys;C:\Windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys;C:\Windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\Program Files\Microsoft Security Client\NisSrv.exe;c:\Program Files\Microsoft Security Client\NisSrv.exe [x]
R3 OlyCamComm;OLYMPUS USB Communication Device;C:\Windows\system32\DRIVERS\OlyCamComm.sys;C:\Windows\SYSNATIVE\DRIVERS\OlyCamComm.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys;C:\Windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USER_ESRV_SVC;User Energy Server Service;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
R3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;C:\Windows\system32\EscSvc64.exe;C:\Windows\SYSNATIVE\EscSvc64.exe [x]
S2 ESRV_SVC;Energy Server Service;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
S2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe;C:\Program Files\HitmanPro\hmpsched.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 regi;regi;C:\Windows\system32\drivers\regi.sys;C:\Windows\SYSNATIVE\drivers\regi.sys [x]
S2 SampleCollector;Intel® System Behavior Tracker Collector Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [x]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys;C:\Windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys;C:\Windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 semav6thermal64ro;semav6thermal64ro;C:\Windows\system32\drivers\semav6thermal64ro.sys;C:\Windows\SYSNATIVE\drivers\semav6thermal64ro.sys [x]
S3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRIVERS\SFEP.sys;C:\Windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe;C:\Program Files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\vuagent.exe;C:\Program Files\Sony\VAIO Update\vuagent.exe [x]
 
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 02:16:31 1104200 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
 
Contents of the 'Scheduled Tasks' folder
 
2014-07-31 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-04 02:43:42 . 2014-07-18 02:27:11]
 
2014-07-31 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-18 02:15:55 . 2014-07-18 02:15:55]
 
2014-08-01 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-18 02:15:55 . 2014-07-18 02:15:55]
 
 
--------- X64 Entries -----------
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-08-08 09:30:02 518784]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2011-08-08 20:30:52 167704]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2011-08-08 20:30:38 392472]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2011-08-08 20:30:46 416024]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe" [2014-03-11 16:34:12 1271072]
 
------- Supplementary Scan -------
 
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
 
- - - - ORPHANS REMOVED - - - -
 
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Coupon Printer for Windows5.0.0.9 - C:\Program Files (x86)\Coupons\uninstall.exe


#10 Starbuck

  • Malware Response Team

Posted 01 August 2014 - 09:47 AM

Hi Kaseycs

Step 1
Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure SKIP is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: Do not choose Delete unless instructed.
A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Thanks



#11 Kaseycs

  • Topic Starter

Posted 01 August 2014 - 11:21 AM

12:10:58.0912 0x0ac8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:11:20.0783 0x0ac8  ============================================================
12:11:20.0783 0x0ac8  Current date / time: 2014/08/01 12:11:20.0783
12:11:20.0783 0x0ac8  SystemInfo:
12:11:20.0784 0x0ac8  
12:11:20.0784 0x0ac8  OS Version: 6.1.7601 ServicePack: 1.0
12:11:20.0784 0x0ac8  Product type: Workstation
12:11:20.0784 0x0ac8  ComputerName: WESTIE
12:11:20.0784 0x0ac8  UserName: kaseycs
12:11:20.0784 0x0ac8  Windows directory: C:\Windows
12:11:20.0784 0x0ac8  System windows directory: C:\Windows
12:11:20.0784 0x0ac8  Running under WOW64
12:11:20.0784 0x0ac8  Processor architecture: Intel x64
12:11:20.0784 0x0ac8  Number of processors: 4
12:11:20.0784 0x0ac8  Page size: 0x1000
12:11:20.0784 0x0ac8  Boot type: Normal boot
12:11:20.0785 0x0ac8  ============================================================
12:11:20.0960 0x0ac8  KLMD registered as C:\Windows\system32\drivers\91107096.sys
12:11:21.0533 0x0ac8  System UUID: {C829A1DB-9C86-0AEA-BFB3-55A1B66ABDFC}
12:11:22.0397 0x0ac8  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:11:22.0401 0x0ac8  ============================================================
12:11:22.0401 0x0ac8  \Device\Harddisk0\DR0:
12:11:22.0401 0x0ac8  MBR partitions:
12:11:22.0401 0x0ac8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14E2800, BlocksNum 0x32000
12:11:22.0401 0x0ac8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1514800, BlocksNum 0x49343000
12:11:22.0401 0x0ac8  ============================================================
12:11:22.0430 0x0ac8  C: <-> \Device\Harddisk0\DR0\Partition2
12:11:22.0430 0x0ac8  ============================================================
12:11:22.0430 0x0ac8  Initialize success
12:11:22.0430 0x0ac8  ============================================================
12:12:06.0793 0x1c98  ============================================================
12:12:06.0793 0x1c98  Scan started
12:12:06.0793 0x1c98  Mode: Manual; SigCheck; TDLFS; 
12:12:06.0793 0x1c98  ============================================================
12:12:06.0793 0x1c98  KSN ping started
12:12:09.0576 0x1c98  KSN ping finished: true
12:12:10.0030 0x1c98  ================ Scan system memory ========================
12:12:10.0030 0x1c98  System memory - ok
12:12:10.0032 0x1c98  ================ Scan services =============================
12:12:17.0940 0x1c98  [ 75E3C4BB1ED032310EDCF5691A452B4B, E7FDF778CBD347017A84EB3919C530ED1EACB22277F3EA3B6FF3EA45D9FE8A6D ] DCDhcpService   C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
12:12:18.0022 0x1c98  DCDhcpService - detected UnsignedFile.Multi.Generic ( 1 )
12:12:18.0109 0x1c98  DCDhcpService ( UnsignedFile.Multi.Generic ) - warning
12:12:24.0666 0x1c98  FileInfo - ok
12:12:24.0684 0x1c98  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:12:24.0737 0x1c98  Filetrace - ok
12:12:24.0751 0x1c98  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:12:24.0764 0x1c98  flpydisk - ok
12:12:24.0793 0x1c98  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:12:24.0813 0x1c98  FltMgr - ok
12:12:24.0906 0x1c98  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:12:25.0023 0x1c98  FontCache - ok
12:12:25.0079 0x1c98  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:12:25.0104 0x1c98  FontCache3.0.0.0 - ok
12:12:25.0117 0x1c98  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:12:25.0134 0x1c98  FsDepends - ok
12:12:25.0161 0x1c98  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:12:25.0173 0x1c98  Fs_Rec - ok
12:12:25.0202 0x1c98  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:12:25.0223 0x1c98  fvevol - ok
12:12:25.0264 0x1c98  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:12:25.0277 0x1c98  gagp30kx - ok
12:12:25.0322 0x1c98  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:12:25.0345 0x1c98  GEARAspiWDM - ok
12:12:25.0418 0x1c98  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:12:25.0497 0x1c98  gpsvc - ok
12:12:25.0581 0x1c98  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:12:25.0611 0x1c98  gupdate - ok
12:12:25.0635 0x1c98  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:12:25.0651 0x1c98  gupdatem - ok
12:12:25.0686 0x1c98  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:12:25.0785 0x1c98  hcw85cir - ok
12:12:25.0805 0x1c98  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:12:25.0856 0x1c98  HdAudAddService - ok
12:12:25.0887 0x1c98  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:12:25.0922 0x1c98  HDAudBus - ok
12:12:25.0927 0x1c98  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:12:25.0950 0x1c98  HidBatt - ok
12:12:25.0994 0x1c98  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:12:26.0042 0x1c98  HidBth - ok
12:12:26.0054 0x1c98  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:12:26.0078 0x1c98  HidIr - ok
12:12:26.0112 0x1c98  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
12:12:26.0176 0x1c98  hidserv - ok
12:12:26.0203 0x1c98  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
12:12:26.0259 0x1c98  HidUsb - ok
12:12:26.0326 0x1c98  [ EA100E56171D4BBA8E4D0B37745E985F, 4D12C232201F7BA88821809A75E3185B91DBD5017631E7BF4653CC9003179F4B ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
12:12:26.0352 0x1c98  HitmanProScheduler - ok
12:12:26.0395 0x1c98  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:12:26.0475 0x1c98  hkmsvc - ok
12:12:26.0503 0x1c98  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:12:26.0579 0x1c98  HomeGroupListener - ok
12:12:26.0627 0x1c98  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:12:26.0674 0x1c98  HomeGroupProvider - ok
12:12:26.0718 0x1c98  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:12:26.0750 0x1c98  HpSAMD - ok
12:12:26.0807 0x1c98  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:12:26.0888 0x1c98  HTTP - ok
12:12:26.0909 0x1c98  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:12:26.0920 0x1c98  hwpolicy - ok
12:12:26.0938 0x1c98  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:12:26.0954 0x1c98  i8042prt - ok
12:12:26.0991 0x1c98  [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
12:12:27.0012 0x1c98  iaStor - ok
12:12:27.0078 0x1c98  [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:12:27.0099 0x1c98  IAStorDataMgrSvc - ok
12:12:27.0164 0x1c98  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:12:27.0188 0x1c98  iaStorV - ok
12:12:27.0365 0x1c98  [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
12:12:27.0450 0x1c98  IconMan_R - ok
12:12:27.0540 0x1c98  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:12:27.0589 0x1c98  idsvc - ok
12:12:27.0618 0x1c98  IEEtwCollectorService - ok
12:12:28.0085 0x1c98  [ 0BD58366C86EF9DDC4F61AFED0CADA99, 2C4ADD577872DF0E9DE7664FA4293B8E335E18055E346B5BF644544840E420EF ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
12:12:28.0797 0x1c98  igfx - ok
12:12:28.0861 0x1c98  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:12:28.0887 0x1c98  iirsp - ok
12:12:28.0981 0x1c98  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:12:29.0064 0x1c98  IKEEXT - ok
12:12:29.0111 0x1c98  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
12:12:29.0161 0x1c98  IntcDAud - ok
12:12:29.0215 0x1c98  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:12:29.0244 0x1c98  intelide - ok
12:12:29.0290 0x1c98  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:12:29.0342 0x1c98  intelppm - ok
12:12:29.0391 0x1c98  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:12:29.0492 0x1c98  IPBusEnum - ok
12:12:29.0524 0x1c98  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:12:29.0569 0x1c98  IpFilterDriver - ok
12:12:29.0617 0x1c98  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] IpHlpSvc        C:\Windows\System32\iphlpsvc.dll
12:12:29.0690 0x1c98  IpHlpSvc - ok
12:12:29.0717 0x1c98  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:12:29.0780 0x1c98  IPMIDRV - ok
12:12:29.0806 0x1c98  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:12:29.0883 0x1c98  IPNAT - ok
12:12:29.0967 0x1c98  [ 0FA89CB1B99AD494CE36DD2DE717D696, 5B35B26C625306A7AD5A00FCAC46FD6D60061F1C8171352B5EF1C916A667AC92 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:12:29.0996 0x1c98  iPod Service - ok
12:12:30.0012 0x1c98  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:12:30.0030 0x1c98  IRENUM - ok
12:12:30.0044 0x1c98  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:12:30.0055 0x1c98  isapnp - ok
12:12:30.0105 0x1c98  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:12:30.0124 0x1c98  iScsiPrt - ok
12:12:30.0167 0x1c98  [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
12:12:30.0193 0x1c98  IviRegMgr - ok
12:12:30.0216 0x1c98  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:12:30.0232 0x1c98  kbdclass - ok
12:12:30.0263 0x1c98  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
12:12:30.0303 0x1c98  kbdhid - ok
12:12:30.0334 0x1c98  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
12:12:30.0350 0x1c98  KeyIso - ok
12:12:30.0379 0x1c98  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:12:30.0396 0x1c98  KSecDD - ok
12:12:30.0439 0x1c98  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:12:30.0456 0x1c98  KSecPkg - ok
12:12:30.0481 0x1c98  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:12:30.0568 0x1c98  ksthunk - ok
12:12:30.0641 0x1c98  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:12:30.0737 0x1c98  KtmRm - ok
12:12:30.0783 0x1c98  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:12:30.0858 0x1c98  LanmanServer - ok
12:12:30.0882 0x1c98  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:12:30.0941 0x1c98  LanmanWorkstation - ok
12:12:30.0988 0x1c98  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:12:31.0070 0x1c98  lltdio - ok
12:12:31.0103 0x1c98  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:12:31.0163 0x1c98  lltdsvc - ok
12:12:31.0202 0x1c98  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:12:31.0239 0x1c98  lmhosts - ok
12:12:31.0301 0x1c98  [ 98B16E756243BEA9410E32025B19C06F, C4F8663FF4C2F1123CC92D88004090AD06ED12FCD07706AE168333A33B269A53 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:12:31.0341 0x1c98  LMS - ok
12:12:31.0375 0x1c98  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:12:31.0394 0x1c98  LSI_FC - ok
12:12:31.0421 0x1c98  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:12:31.0435 0x1c98  LSI_SAS - ok
12:12:31.0441 0x1c98  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:12:31.0455 0x1c98  LSI_SAS2 - ok
12:12:31.0463 0x1c98  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:12:31.0476 0x1c98  LSI_SCSI - ok
12:12:31.0492 0x1c98  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:12:31.0555 0x1c98  luafv - ok
12:12:31.0586 0x1c98  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:12:31.0602 0x1c98  Mcx2Svc - ok
12:12:31.0619 0x1c98  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:12:31.0631 0x1c98  megasas - ok
12:12:31.0664 0x1c98  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:12:31.0697 0x1c98  MegaSR - ok
12:12:31.0739 0x1c98  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:12:31.0762 0x1c98  MEIx64 - ok
12:12:31.0826 0x1c98  Microsoft SharePoint Workspace Audit Service - ok
12:12:31.0860 0x1c98  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:12:31.0951 0x1c98  MMCSS - ok
12:12:31.0990 0x1c98  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:12:32.0085 0x1c98  Modem - ok
12:12:32.0114 0x1c98  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:12:32.0152 0x1c98  monitor - ok
12:12:32.0183 0x1c98  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:12:32.0196 0x1c98  mouclass - ok
12:12:32.0206 0x1c98  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:12:32.0239 0x1c98  mouhid - ok
12:12:32.0277 0x1c98  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:12:32.0291 0x1c98  mountmgr - ok
12:12:32.0342 0x1c98  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
12:12:32.0365 0x1c98  MpFilter - ok
12:12:32.0397 0x1c98  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:12:32.0412 0x1c98  mpio - ok
12:12:32.0457 0x1c98  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:12:32.0520 0x1c98  mpsdrv - ok
12:12:32.0573 0x1c98  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:12:32.0662 0x1c98  MpsSvc - ok
12:12:32.0710 0x1c98  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:12:32.0754 0x1c98  MRxDAV - ok
12:12:32.0796 0x1c98  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:12:32.0861 0x1c98  mrxsmb - ok
12:12:32.0898 0x1c98  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:12:32.0920 0x1c98  mrxsmb10 - ok
12:12:32.0944 0x1c98  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:12:32.0960 0x1c98  mrxsmb20 - ok
12:12:32.0995 0x1c98  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:12:33.0006 0x1c98  msahci - ok
12:12:33.0033 0x1c98  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:12:33.0048 0x1c98  msdsm - ok
12:12:33.0086 0x1c98  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:12:33.0114 0x1c98  MSDTC - ok
12:12:33.0154 0x1c98  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:12:33.0191 0x1c98  Msfs - ok
12:12:33.0208 0x1c98  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:12:33.0270 0x1c98  mshidkmdf - ok
12:12:33.0302 0x1c98  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:12:33.0313 0x1c98  msisadrv - ok
12:12:33.0345 0x1c98  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:12:33.0451 0x1c98  MSiSCSI - ok
12:12:33.0461 0x1c98  msiserver - ok
12:12:33.0478 0x1c98  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:12:33.0514 0x1c98  MSKSSRV - ok
12:12:33.0565 0x1c98  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:12:33.0597 0x1c98  MsMpSvc - ok
12:12:33.0612 0x1c98  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:12:33.0661 0x1c98  MSPCLOCK - ok
12:12:33.0674 0x1c98  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:12:33.0733 0x1c98  MSPQM - ok
12:12:33.0779 0x1c98  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:12:33.0815 0x1c98  MsRPC - ok
12:12:33.0839 0x1c98  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:12:33.0850 0x1c98  mssmbios - ok
12:12:33.0878 0x1c98  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:12:33.0953 0x1c98  MSTEE - ok
12:12:33.0988 0x1c98  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:12:34.0008 0x1c98  MTConfig - ok
12:12:34.0037 0x1c98  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:12:34.0050 0x1c98  Mup - ok
12:12:34.0088 0x1c98  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:12:34.0167 0x1c98  napagent - ok
12:12:34.0200 0x1c98  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:12:34.0252 0x1c98  NativeWifiP - ok
12:12:34.0326 0x1c98  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:12:34.0365 0x1c98  NDIS - ok
12:12:34.0403 0x1c98  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:12:34.0466 0x1c98  NdisCap - ok
12:12:34.0481 0x1c98  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:12:34.0519 0x1c98  NdisTapi - ok
12:12:34.0530 0x1c98  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:12:34.0586 0x1c98  Ndisuio - ok
12:12:34.0611 0x1c98  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:12:34.0672 0x1c98  NdisWan - ok
12:12:34.0702 0x1c98  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:12:34.0741 0x1c98  NDProxy - ok
12:12:34.0760 0x1c98  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:12:34.0823 0x1c98  NetBIOS - ok
12:12:34.0855 0x1c98  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:12:34.0901 0x1c98  NetBT - ok
12:12:34.0922 0x1c98  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
12:12:34.0935 0x1c98  Netlogon - ok
12:12:34.0975 0x1c98  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:12:35.0050 0x1c98  Netman - ok
12:12:35.0113 0x1c98  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:12:35.0153 0x1c98  NetMsmqActivator - ok
12:12:35.0167 0x1c98  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:12:35.0188 0x1c98  NetPipeActivator - ok
12:12:35.0234 0x1c98  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:12:35.0310 0x1c98  netprofm - ok
12:12:35.0319 0x1c98  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:12:35.0335 0x1c98  NetTcpActivator - ok
12:12:35.0344 0x1c98  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:12:35.0359 0x1c98  NetTcpPortSharing - ok
12:12:35.0397 0x1c98  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:12:35.0410 0x1c98  nfrd960 - ok
12:12:35.0465 0x1c98  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:12:35.0506 0x1c98  NisDrv - ok
12:12:35.0544 0x1c98  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
12:12:35.0574 0x1c98  NisSrv - ok
12:12:35.0598 0x1c98  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:12:35.0642 0x1c98  NlaSvc - ok
12:12:35.0666 0x1c98  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:12:35.0703 0x1c98  Npfs - ok
12:12:35.0733 0x1c98  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:12:35.0788 0x1c98  nsi - ok
12:12:35.0824 0x1c98  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:12:35.0904 0x1c98  nsiproxy - ok
12:12:36.0045 0x1c98  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:12:36.0114 0x1c98  Ntfs - ok
12:12:36.0129 0x1c98  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:12:36.0165 0x1c98  Null - ok
12:12:36.0677 0x1c98  [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:12:37.0225 0x1c98  nvlddmkm - ok
12:12:37.0299 0x1c98  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:12:37.0316 0x1c98  nvraid - ok
12:12:37.0366 0x1c98  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:12:37.0384 0x1c98  nvstor - ok
12:12:37.0416 0x1c98  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:12:37.0433 0x1c98  nv_agp - ok
12:12:37.0490 0x1c98  [ 5B4E5D841B029EDF5FFB71E50C2D2C02, 8D90CAB2CB29F5FCA50A1404B517903AE25317E3ABD2F7DEFF5D8C6DBE9D77E9 ] Oasis2Service   C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
12:12:37.0519 0x1c98  Oasis2Service - detected UnsignedFile.Multi.Generic ( 1 )
12:12:37.0520 0x1c98  Oasis2Service ( UnsignedFile.Multi.Generic ) - warning
12:12:43.0377 0x1c98  [ 64E413BA0C529AA40C3924BBCC4153DB, 9E0EB02078EE250AC618D4A4537D54BACDD7E2B67349162CA61F35EAF91601EE ] ProtexisLicensing C:\Windows\SysWOW64\PSIService.exe
12:12:43.0412 0x1c98  ProtexisLicensing - detected UnsignedFile.Multi.Generic ( 1 )
12:12:43.0412 0x1c98  ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
12:12:58.0661 0x1c98  vds - ok
12:12:58.0688 0x1c98  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:12:58.0704 0x1c98  vga - ok
12:12:58.0734 0x1c98  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:12:58.0789 0x1c98  VgaSave - ok
12:12:58.0826 0x1c98  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:12:58.0844 0x1c98  vhdmp - ok
12:12:58.0861 0x1c98  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:12:58.0872 0x1c98  viaide - ok
12:12:58.0888 0x1c98  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:12:58.0901 0x1c98  volmgr - ok
12:12:58.0926 0x1c98  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:12:58.0948 0x1c98  volmgrx - ok
12:12:58.0980 0x1c98  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:12:59.0000 0x1c98  volsnap - ok
12:12:59.0029 0x1c98  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:12:59.0044 0x1c98  vsmraid - ok
12:12:59.0181 0x1c98  [ 86958A24639B8E3A84F14307CE35650B, C16CC385239B441FD3B363EB17D0EA5C792F274347EA028758103E7DC85B9318 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
12:12:59.0247 0x1c98  VSNService - ok
12:12:59.0334 0x1c98  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:12:59.0444 0x1c98  VSS - ok
12:12:59.0573 0x1c98  [ C460F38BCA36929693892DEC77857114, 230362A5B8F7BCA5484C62D219E3EF3CF2C0732669BBBA48DE8DB3282C4F87C9 ] VUAgent         C:\Program Files\Sony\VAIO Update\vuagent.exe
12:12:59.0626 0x1c98  VUAgent - ok
12:12:59.0646 0x1c98  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:12:59.0686 0x1c98  vwifibus - ok
12:12:59.0724 0x1c98  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:12:59.0791 0x1c98  vwififlt - ok
12:12:59.0849 0x1c98  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:12:59.0913 0x1c98  W32Time - ok
12:12:59.0959 0x1c98  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:13:00.0005 0x1c98  WacomPen - ok
12:13:00.0044 0x1c98  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:13:00.0099 0x1c98  WANARP - ok
12:13:00.0109 0x1c98  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:13:00.0146 0x1c98  Wanarpv6 - ok
12:13:00.0262 0x1c98  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:13:00.0312 0x1c98  WatAdminSvc - ok
12:13:00.0441 0x1c98  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:13:00.0558 0x1c98  wbengine - ok
12:13:00.0601 0x1c98  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:13:00.0665 0x1c98  WbioSrvc - ok
12:13:00.0738 0x1c98  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:13:00.0817 0x1c98  wcncsvc - ok
12:13:00.0850 0x1c98  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:13:00.0888 0x1c98  WcsPlugInService - ok
12:13:00.0918 0x1c98  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
12:13:00.0932 0x1c98  Wd - ok
12:13:00.0989 0x1c98  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:13:01.0027 0x1c98  Wdf01000 - ok
12:13:01.0044 0x1c98  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:13:01.0151 0x1c98  WdiServiceHost - ok
12:13:01.0171 0x1c98  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:13:01.0198 0x1c98  WdiSystemHost - ok
12:13:01.0248 0x1c98  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:13:01.0272 0x1c98  WebClient - ok
12:13:01.0308 0x1c98  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:13:01.0390 0x1c98  Wecsvc - ok
12:13:01.0419 0x1c98  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:13:01.0459 0x1c98  wercplsupport - ok
12:13:01.0486 0x1c98  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:13:01.0525 0x1c98  WerSvc - ok
12:13:01.0547 0x1c98  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:13:01.0584 0x1c98  WfpLwf - ok
12:13:01.0609 0x1c98  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:13:01.0621 0x1c98  WIMMount - ok
12:13:01.0651 0x1c98  WinDefend - ok
12:13:01.0676 0x1c98  WinHttpAutoProxySvc - ok
12:13:01.0741 0x1c98  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:13:01.0806 0x1c98  Winmgmt - ok
12:13:01.0938 0x1c98  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:13:02.0045 0x1c98  WinRM - ok
12:13:02.0105 0x1c98  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:13:02.0121 0x1c98  WinUsb - ok
12:13:02.0190 0x1c98  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:13:02.0259 0x1c98  Wlansvc - ok
12:13:02.0317 0x1c98  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:13:02.0342 0x1c98  wlcrasvc - ok
12:13:02.0541 0x1c98  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:13:02.0620 0x1c98  wlidsvc - ok
12:13:02.0661 0x1c98  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:13:02.0708 0x1c98  WmiAcpi - ok
12:13:02.0769 0x1c98  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:13:02.0809 0x1c98  wmiApSrv - ok
12:13:02.0839 0x1c98  WMPNetworkSvc - ok
12:13:02.0869 0x1c98  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:13:02.0928 0x1c98  WPCSvc - ok
12:13:02.0971 0x1c98  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:13:03.0040 0x1c98  WPDBusEnum - ok
12:13:03.0083 0x1c98  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:13:03.0172 0x1c98  ws2ifsl - ok
12:13:03.0230 0x1c98  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
12:13:03.0282 0x1c98  wscsvc - ok
12:13:03.0295 0x1c98  WSearch - ok
12:13:03.0441 0x1c98  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:13:03.0528 0x1c98  wuauserv - ok
12:13:03.0563 0x1c98  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:13:03.0613 0x1c98  WudfPf - ok
12:13:03.0644 0x1c98  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:13:03.0664 0x1c98  WUDFRd - ok
12:13:03.0700 0x1c98  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:13:03.0741 0x1c98  wudfsvc - ok
12:13:03.0788 0x1c98  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:13:03.0870 0x1c98  WwanSvc - ok
12:13:03.0914 0x1c98  ================ Scan global ===============================
12:13:03.0969 0x1c98  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:13:04.0021 0x1c98  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:13:04.0048 0x1c98  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:13:04.0077 0x1c98  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:13:04.0114 0x1c98  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:13:04.0128 0x1c98  [ Global ] - ok
12:13:04.0129 0x1c98  ================ Scan MBR ==================================
12:13:04.0141 0x1c98  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:13:05.0140 0x1c98  \Device\Harddisk0\DR0 - ok
12:13:05.0141 0x1c98  ================ Scan VBR ==================================
12:13:05.0160 0x1c98  [ 1F3E090B122673513F0C1AE46D307B97 ] \Device\Harddisk0\DR0\Partition1
12:13:05.0164 0x1c98  \Device\Harddisk0\DR0\Partition1 - ok
12:13:05.0183 0x1c98  [ 62B6F75A8C164A940D74DEEF55DB9214 ] \Device\Harddisk0\DR0\Partition2
12:13:05.0185 0x1c98  \Device\Harddisk0\DR0\Partition2 - ok
12:13:05.0186 0x1c98  ================ Scan generic autorun ======================
12:13:05.0255 0x1c98  [ 7D1B808410A734E427A229B31EAE8891, 36BB31B9119062A53D2AB6CCBFF820D8195776836D84AF7008CE1F18D2519009 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
12:13:05.0287 0x1c98  cAudioFilterAgent - ok
12:13:05.0312 0x1c98  [ 6349A663F21A579A9E708A1EA138DEAD, 9A66D44767494C8B0A869FBEFC8A9D57AC8F7B47FDD11675C94357F759008FD4 ] C:\Windows\system32\igfxtray.exe
12:13:05.0329 0x1c98  IgfxTray - ok
12:13:05.0383 0x1c98  [ 3C6EDA4DB5DE13898A5F3FA1BA7A2B5E, 0C75EFB35684AEB6FB94AC539CE19E92D0940CAB8B0B992F47087086C849ABCC ] C:\Windows\system32\hkcmd.exe
12:13:05.0423 0x1c98  HotKeysCmds - ok
12:13:05.0453 0x1c98  [ F8C1B21E4CE3F1E19333E27771CB2FC5, 3A574D42E29CE832E7C5453F089C0E7A8419A56E4EEB0F5DA45036DF08EA628A ] C:\Windows\system32\igfxpers.exe
12:13:05.0477 0x1c98  Persistence - ok
12:13:05.0591 0x1c98  [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] c:\Program Files\Microsoft Security Client\msseces.exe
12:13:05.0654 0x1c98  MSC - ok
12:13:05.0691 0x1c98  [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
12:13:05.0709 0x1c98  IAStorIcon - ok
12:13:05.0841 0x1c98  [ 440699F90786EF6A7722B4417BB0F5C7, 75C8743E944E847541848AE972B90480AD33CA7607ECA9D4FF4C90D442AEC8FB ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
12:13:05.0968 0x1c98  ISBMgr.exe - ok
12:13:06.0019 0x1c98  [ 48B9248CED8A5DE4EB0917CB676CB8D5, E39AF20AE2D8B768C9E6CD060BEB7E24F71B1398472274BA7178AB9ADF8A3248 ] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
12:13:06.0095 0x1c98  PMBVolumeWatcher - ok
12:13:06.0137 0x1c98  [ 603668084332DDB58D8C5AACE30B04FC, B6FA6BBE18D433F41F96640726444B7CB9D669BAE87A545E1408391B9469EDB9 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
12:13:06.0153 0x1c98  iTunesHelper - ok
12:13:06.0205 0x1c98  [ D9F4805A18CB455CA72F6F1E86C40AD4, A10742F1F533A152F954EDA5D4DF1CF5AAE773ABA5F2ECA6AB5734F97DF579FE ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
12:13:06.0226 0x1c98  SunJavaUpdateSched - ok
12:13:06.0305 0x1c98  [ 2BAD84B393AF47006D80BA2F03B18029, 72E7A5906E48C6318533D9657D32B29E9AB1D76E25C2C0C6D4C34077561493A2 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
12:13:06.0332 0x1c98  ISUSPM - ok
12:13:06.0421 0x1c98  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
12:13:06.0456 0x1c98  Win FW state via NFP2: enabled
12:13:09.0299 0x1c98  ============================================================
12:13:09.0299 0x1c98  Scan finished
12:13:09.0299 0x1c98  ============================================================
12:13:09.0321 0x1d24  Detected object count: 3
12:13:09.0322 0x1d24  Actual detected object count: 3
12:13:23.0433 0x1d24  DCDhcpService ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:23.0433 0x1d24  DCDhcpService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:13:23.0433 0x1d24  Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:23.0433 0x1d24  Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:13:23.0436 0x1d24  ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:23.0437 0x1d24  ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip 


#12 Kaseycs


Posted 01 August 2014 - 01:19 PM

I just realized that while I did disable Microsoft essentials before I ran ComboFix, I did not disable MalwareBytes nor Hitman Pro. Did this create an issue?



#13 Starbuck


Posted 01 August 2014 - 02:28 PM

"Did this create an issue?"

No, the program ran fine.

The files that TDSSKiller reported are not malware related.
They are just not digitally signed... that is fairly common.

"I am receiving this when I run Hitman PRO and after it is repaired it shows up again next reboot."

Are you still getting those messages?



#14 Kaseycs


Posted 01 August 2014 - 02:40 PM

I am running it now to see if it happens again.



#15 Kaseycs


Posted 01 August 2014 - 02:42 PM

Yes, I am still receiving that message.





