Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Lots of pop-ups and having trouble accessing websites


  • This topic is locked This topic is locked
12 replies to this topic

#1 psiegel

psiegel

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:03:29 AM

Posted 09 October 2014 - 04:01 AM

Hello,

My computer is an HP G62 Notebook PC running Windows 7. I am having an issue with pop-ups that has gotten worse in the last day. I could not open the window to post in this forum without first receiving several pop-up ads to "clean my computer". These ads all have the name OffersWizard on them. In addition I keep receiving error  and other types of messages. Such as:

Access Forbidden!

You don't have permission to access the requested directory. There is either no index document or the directory is read protected. If you think this is a server error please contact the webmaster. error 403.

 I also get pop-ups to install a new video driver with the web address:

http://vas.gaslitlactealwowser.com

 

 

and when trying to uninstall OffersWizard which I did not personally install I receive this message:

 

OffersWizard Network System Driver

Uninstalling this service requires a complete machine reboot.

Attention: If this service is disabled, any other service that explicitly depend on this service will fail to operate properly, continue with the uninstall process?

It will not uninstall

 

Thanks,

Peggy



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:29 AM

Posted 09 October 2014 - 11:28 AM

Hell, lets run a few tools and see the reports.

Hello VonZapper we may not need it.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 psiegel

psiegel
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:03:29 AM

Posted 09 October 2014 - 06:46 PM

Hello,

Here are the reports.

First is report from MiniToolBox

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Peggy (administrator) on 09-10-2014 at 09:51:14
Running from "C:\Users\Peggy\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
PdaNet Broadband Adapter = Local Area Connection 3 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Lily
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : att.net

Ethernet adapter Local Area Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : PdaNet Broadband Adapter
   Physical Address. . . . . . . . . : 00-26-37-BD-39-42
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 90-00-4E-8C-A3-A2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 90-00-4E-8C-A3-A3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:30a:c0ac:f40:6d8e:da5:17ac:1ba9(Preferred)
   Temporary IPv6 Address. . . . . . : 2602:30a:c0ac:f40:1850:12f8:b85d:237f(Preferred)
   Link-local IPv6 Address . . . . . : fe80::6d8e:da5:17ac:1ba9%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.249(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, October 09, 2014 9:40:53 AM
   Lease Expires . . . . . . . . . . : Friday, October 10, 2014 9:40:53 AM
   Default Gateway . . . . . . . . . : fe80::7ebf:b1ff:fe78:6230%11
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 311427150
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-AC-31-AC-98-4B-E1-B9-77-C3
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 98-4B-E1-B9-77-C3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  dsldevice.att.net
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4000:804::1008
   74.125.227.97
   74.125.227.96
   74.125.227.110
   74.125.227.104
   74.125.227.105
   74.125.227.101
   74.125.227.102
   74.125.227.100
   74.125.227.98
   74.125.227.103
   74.125.227.99

Pinging google.com [2607:f8b0:4000:807::1000] with 32 bytes of data:
Reply from 2607:f8b0:4000:807::1000: time=175ms
Reply from 2607:f8b0:4000:807::1000: time=138ms

Ping statistics for 2607:f8b0:4000:807::1000:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 138ms, Maximum = 175ms, Average = 156ms
Server:  dsldevice.att.net
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.138.253.109
   98.139.183.24
   206.190.36.45

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=148ms TTL=47
Reply from 206.190.36.45: bytes=32 time=193ms TTL=47

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 148ms, Maximum = 193ms, Average = 170ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 18...00 26 37 bd 39 42 ......PdaNet Broadband Adapter
 12...90 00 4e 8c a3 a2 ......Microsoft Virtual WiFi Miniport Adapter
 11...90 00 4e 8c a3 a3 ......Ralink RT5390 802.11b/g/n WiFi Adapter
 10...98 4b e1 b9 77 c3 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.249     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.249    281
    192.168.1.249  255.255.255.255         On-link     192.168.1.249    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.249    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.249    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.249    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    281 ::/0                     fe80::7ebf:b1ff:fe78:6230
  1    306 ::1/128                  On-link
 11     33 2602:30a:c0ac:f40::/64   On-link
 11    281 2602:30a:c0ac:f40:1850:12f8:b85d:237f/128
                                    On-link
 11    281 2602:30a:c0ac:f40:6d8e:da5:17ac:1ba9/128
                                    On-link
 11    281 fe80::/64                On-link
 11    281 fe80::6d8e:da5:17ac:1ba9/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/09/2014 01:58:10 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: SHELL32.dll, version: 6.1.7601.18517, time stamp: 0x53aa285b
Exception code: 0xc0000005
Fault offset: 0x001f1d2b
Faulting process id: 0x4100
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (10/09/2014 01:48:09 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: SHELL32.dll, version: 6.1.7601.18517, time stamp: 0x53aa285b
Exception code: 0xc0000005
Fault offset: 0x001f1d2b
Faulting process id: 0x2ef4
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (10/09/2014 01:34:38 AM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17280, time stamp: 0x53f262ac
Faulting module name: igd10umd32.dll, version: 8.15.10.2086, time stamp: 0x4b80087f
Exception code: 0xc0000005
Fault offset: 0x000280a1
Faulting process id: 0x6cc4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (10/09/2014 01:02:12 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17280 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6764

Start Time: 01cfe3971666efd6

Termination Time: 36

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (10/09/2014 01:00:35 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17280 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6fc4

Start Time: 01cfe3948b9e3037

Termination Time: 72

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (10/08/2014 06:26:36 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (10/06/2014 00:23:41 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: SHELL32.dll, version: 6.1.7601.18517, time stamp: 0x53aa285b
Exception code: 0xc0000005
Fault offset: 0x001f1d2b
Faulting process id: 0x125c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (10/05/2014 09:08:30 PM) (Source: Application Hang) (User: )
Description: The program WINWORDC.EXE version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 17b0

Start Time: 01cfe11a353ac3c0

Termination Time: 8

Application Path: Q:\140066.enu\Office14\WINWORDC.EXE

Report Id: 672b15b2-4d0e-11e4-a7ea-984be1b977c3

Error: (10/04/2014 01:58:23 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (10/02/2014 05:21:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 31.0.1650.63, time stamp: 0x53ccf06b
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x2774
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

System errors:
=============
Error: (10/05/2014 04:23:47 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NAV service.

Error: (10/01/2014 10:04:18 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/30/2014 10:18:39 PM) (Source: Microsoft-Windows-Bits-Client) (User: NT AUTHORITY)
Description: A new BITS job could not be created. The current job count for the user Lily\Peggy (60) is equal to or greater than the job limit (60) specified through group policy.  To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.

Error: (09/26/2014 02:42:07 PM) (Source: Service Control Manager) (User: )
Description: The BrowseIgnite Update (1051) service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (09/25/2014 11:52:26 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/25/2014 11:51:58 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/25/2014 11:51:58 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/25/2014 11:51:58 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/25/2014 11:51:58 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/25/2014 11:51:58 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Microsoft Office Sessions:
=========================
Error: (10/09/2014 01:58:10 AM) (Source: Application Error)(User: )
Description: chrome.exe31.0.1650.6353ccf06bSHELL32.dll6.1.7601.1851753aa285bc0000005001f1d2b410001cfe39f132dd009C:\Users\Peggy\AppData\Local\I-_D-_~1.-R\CHROME~1\chrome.exeC:\Windows\syswow64\SHELL32.dll6484b067-4f92-11e4-9731-984be1b977c3

Error: (10/09/2014 01:48:09 AM) (Source: Application Error)(User: )
Description: chrome.exe31.0.1650.6353ccf06bSHELL32.dll6.1.7601.1851753aa285bc0000005001f1d2b2ef401cfe39daf4d576eC:\Users\Peggy\AppData\Local\I-_D-_~1.-R\CHROME~1\chrome.exeC:\Windows\syswow64\SHELL32.dllfdf4e289-4f90-11e4-9731-984be1b977c3

Error: (10/09/2014 01:34:38 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acigd10umd32.dll8.15.10.20864b80087fc0000005000280a16cc401cfe399accd22f8C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\igd10umd32.dll1a7bae18-4f8f-11e4-9731-984be1b977c3

Error: (10/09/2014 01:02:12 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.17280676401cfe3971666efd636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (10/09/2014 01:00:35 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.172806fc401cfe3948b9e303772C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (10/08/2014 06:26:36 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (10/06/2014 00:23:41 AM) (Source: Application Error)(User: )
Description: chrome.exe31.0.1650.6353ccf06bSHELL32.dll6.1.7601.1851753aa285bc0000005001f1d2b125c01cfe13665277801C:\Users\Peggy\AppData\Local\I-_D-_~1.-R\CHROME~1\chrome.exeC:\Windows\syswow64\SHELL32.dllb1fd6f87-4d29-11e4-89c6-984be1b977c3

Error: (10/05/2014 09:08:30 PM) (Source: Application Hang)(User: )
Description: WINWORDC.EXE0.0.0.017b001cfe11a353ac3c08Q:\140066.enu\Office14\WINWORDC.EXE672b15b2-4d0e-11e4-a7ea-984be1b977c3

Error: (10/04/2014 01:58:23 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (10/02/2014 05:21:04 PM) (Source: Application Error)(User: )
Description: chrome.exe31.0.1650.6353ccf06bntdll.dll6.1.7601.18247521ea8e7c0000374000ce753277401cfde9f225117ddC:\Users\Peggy\AppData\Local\I-_D-_~1.-R\CHROME~1\chrome.exeC:\Windows\SysWOW64\ntdll.dll28fce2a8-4a93-11e4-a83e-984be1b977c3

CodeIntegrity Errors:
===================================
  Date: 2013-07-16 23:03:44.688
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-16 23:03:44.532
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.0.2.12610 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}) (Version: 11.5.8.612 - Adobe Systems, Inc)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{504CC891-B140-4E1B-860B-5E4C1DFBA9E3}) (Version: 2.0.5350 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3320 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3320 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1920 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1920 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4604 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1.4604 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.3321 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.2.3321 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.5.618 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Deskjet 1000 J110 series Product Improvement Study (HKLM\...\{1A570BFA-D775-47EE-8071-06E9559C14F5}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{2385DA7C-F545-4E66-A968-D464F0519425}) (Version: 1.4.0.0 - Hewlett-Packard)
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP MovieStore (x32 Version: 1.0.023 - Hewlett-Packard) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.4042 - HP Photo Creations Powered by RocketLife)
HP Power Manager (HKLM-x32\...\{AF306BD8-F9D1-4627-89B9-246E59074A05}) (Version: 1.1.2 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}) (Version: 4.0.10.0 - Hewlett-Packard Company)
I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r (HKLM-x32\...\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r) (Version: 96.0.0.443 - SADDLEBACK PROC LTD)
Inspiration 9 PDF Driver (novaPDF 7.3 printer) (HKLM\...\Inspiration 9 PDF Driver_is1) (Version:  - Softland)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
InternetHelper3.1 Toolbar for IE (HKLM-x32\...\IECT3289663) (Version: 6.16.2.2 - InternetHelper3.1)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3220 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3220 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 18.7.1.3 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OffersWizard Network System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - )
PdaNet+ for Android 4.12 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4419 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4419 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3320 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3320 - CyberLink Corp.) Hidden
Prezi Desktop (HKLM-x32\...\{7FAE73A4-F0BC-4B65-81CF-52C417383407}) (Version: 4.7.5 - Prezi.com)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.1.13.0 - Ralink)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30120 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3223 - CyberLink Corp.) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow)
RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
Samsung PC Studio 3 USB Driver Installer (HKLM-x32\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1900.0 - SAMSUNG Electronics Co., Ltd.)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.4.2 - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1012 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 3893.86 MB
Available physical RAM: 1182.09 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 4226 MB
Total Virtual: 4095.88 MB
Available Virtual: 3986.73 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:446.41 GB) (Free:355.52 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:19.05 GB) (Free:2.76 GB) NTFS

========================= Users: ========================================

User accounts for \\LILY

Administrator            Guest                    Peggy                   

**** End of log ****

 

Next is report from TDSSKiller

 

10:09:56.0256 0x3770  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
10:10:07.0701 0x3770  ============================================================
10:10:07.0701 0x3770  Current date / time: 2014/10/09 10:10:07.0701
10:10:07.0701 0x3770  SystemInfo:
10:10:07.0701 0x3770 
10:10:07.0701 0x3770  OS Version: 6.1.7601 ServicePack: 1.0
10:10:07.0701 0x3770  Product type: Workstation
10:10:07.0701 0x3770  ComputerName: LILY
10:10:07.0701 0x3770  UserName: Peggy
10:10:07.0701 0x3770  Windows directory: C:\Windows
10:10:07.0701 0x3770  System windows directory: C:\Windows
10:10:07.0701 0x3770  Running under WOW64
10:10:07.0701 0x3770  Processor architecture: Intel x64
10:10:07.0701 0x3770  Number of processors: 4
10:10:07.0701 0x3770  Page size: 0x1000
10:10:07.0701 0x3770  Boot type: Normal boot
10:10:07.0701 0x3770  ============================================================
10:10:12.0526 0x3770  KLMD registered as C:\Windows\system32\drivers\52708052.sys
10:10:12.0869 0x3770  System UUID: {008A9AB1-18E6-FBCB-4CB8-8FEFD4439CB3}
10:10:13.0957 0x3770  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:10:13.0963 0x3770  ============================================================
10:10:13.0963 0x3770  \Device\Harddisk0\DR0:
10:10:13.0964 0x3770  MBR partitions:
10:10:13.0964 0x3770  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
10:10:13.0964 0x3770  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37CD3000
10:10:13.0964 0x3770  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37D37000, BlocksNum 0x261B000
10:10:13.0964 0x3770  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
10:10:13.0964 0x3770  ============================================================
10:10:14.0208 0x3770  C: <-> \Device\Harddisk0\DR0\Partition2
10:10:14.0250 0x3770  D: <-> \Device\Harddisk0\DR0\Partition3
10:10:14.0324 0x3770  ============================================================
10:10:14.0324 0x3770  Initialize success
10:10:14.0324 0x3770  ============================================================
10:10:44.0502 0x36b4  ============================================================
10:10:44.0502 0x36b4  Scan started
10:10:44.0502 0x36b4  Mode: Manual;
10:10:44.0502 0x36b4  ============================================================
10:10:44.0502 0x36b4  KSN ping started
10:11:09.0334 0x36b4  KSN ping finished: true
10:11:20.0942 0x36b4  ================ Scan system memory ========================
10:11:20.0942 0x36b4  System memory - ok
10:11:20.0945 0x36b4  ================ Scan services =============================
10:11:21.0151 0x36b4  [ 7D9D615201A483D6FA99491C2E655A5A, EF24EBC4E08B555E5A90E6D560F375267137064AED1A9DC5251BB1FF2B65BA37 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
10:11:21.0158 0x36b4  !SASCORE - ok
10:11:21.0916 0x36b4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:11:21.0925 0x36b4  1394ohci - ok
10:11:21.0985 0x36b4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:11:21.0999 0x36b4  ACPI - ok
10:11:22.0034 0x36b4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:11:22.0037 0x36b4  AcpiPmi - ok
10:11:22.0150 0x36b4  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:11:22.0158 0x36b4  AdobeARMservice - ok
10:11:22.0745 0x36b4  [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:11:22.0759 0x36b4  AdobeFlashPlayerUpdateSvc - ok
10:11:22.0833 0x36b4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:11:22.0865 0x36b4  adp94xx - ok
10:11:22.0909 0x36b4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:11:23.0019 0x36b4  adpahci - ok
10:11:23.0048 0x36b4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:11:23.0057 0x36b4  adpu320 - ok
10:11:23.0084 0x36b4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:11:23.0092 0x36b4  AeLookupSvc - ok
10:11:23.0151 0x36b4  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
10:11:23.0157 0x36b4  AERTFilters - ok
10:11:23.0344 0x36b4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
10:11:23.0464 0x36b4  AFD - ok
10:11:23.0519 0x36b4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:11:23.0563 0x36b4  agp440 - ok
10:11:23.0594 0x36b4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:11:23.0599 0x36b4  ALG - ok
10:11:23.0633 0x36b4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:11:23.0635 0x36b4  aliide - ok
10:11:23.0653 0x36b4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:11:23.0655 0x36b4  amdide - ok
10:11:23.0701 0x36b4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:11:23.0706 0x36b4  AmdK8 - ok
10:11:23.0717 0x36b4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:11:23.0721 0x36b4  AmdPPM - ok
10:11:23.0764 0x36b4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:11:23.0779 0x36b4  amdsata - ok
10:11:24.0327 0x36b4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:11:24.0382 0x36b4  amdsbs - ok
10:11:24.0426 0x36b4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:11:24.0429 0x36b4  amdxata - ok
10:11:24.0494 0x36b4  [ 4DE0D5D747A73797C95A97DCCE5018B5, 17EC669675C2E43515EFE2D8BCC9DDFFBE64F99EBFB9A6DAB429F65A2B504560 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
10:11:24.0498 0x36b4  androidusb - ok
10:11:24.0553 0x36b4  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:11:24.0562 0x36b4  AppID - ok
10:11:24.0593 0x36b4  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:11:24.0596 0x36b4  AppIDSvc - ok
10:11:24.0631 0x36b4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
10:11:24.0634 0x36b4  Appinfo - ok
10:11:24.0677 0x36b4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:11:24.0682 0x36b4  arc - ok
10:11:24.0697 0x36b4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:11:24.0701 0x36b4  arcsas - ok
10:11:25.0224 0x36b4  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:11:25.0288 0x36b4  aspnet_state - ok
10:11:25.0329 0x36b4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:11:25.0332 0x36b4  AsyncMac - ok
10:11:25.0370 0x36b4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:11:25.0372 0x36b4  atapi - ok
10:11:25.0440 0x36b4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:11:25.0465 0x36b4  AudioEndpointBuilder - ok
10:11:25.0495 0x36b4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:11:25.0526 0x36b4  AudioSrv - ok
10:11:25.0622 0x36b4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:11:25.0627 0x36b4  AxInstSV - ok
10:11:25.0669 0x36b4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:11:25.0697 0x36b4  b06bdrv - ok
10:11:25.0920 0x36b4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:11:25.0959 0x36b4  b57nd60a - ok
10:11:26.0004 0x36b4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:11:26.0013 0x36b4  BDESVC - ok
10:11:26.0042 0x36b4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:11:26.0045 0x36b4  Beep - ok
10:11:26.0161 0x36b4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:11:26.0251 0x36b4  BFE - ok
10:11:26.0724 0x36b4  [ 5B1FE9D351C284701C8051DA2AA81DF6, 6D5069EEF071E993E226C725D71703909730B50BA5E754C33E8B7D4FABABEF7D ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20120413.001\BHDrvx64.sys
10:11:26.0787 0x36b4  BHDrvx64 - ok
10:11:26.0925 0x36b4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:11:26.0988 0x36b4  BITS - ok
10:11:27.0026 0x36b4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:11:27.0029 0x36b4  blbdrive - ok
10:11:27.0063 0x36b4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:11:27.0067 0x36b4  bowser - ok
10:11:27.0088 0x36b4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:11:27.0090 0x36b4  BrFiltLo - ok
10:11:27.0103 0x36b4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:11:27.0105 0x36b4  BrFiltUp - ok
10:11:27.0148 0x36b4  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
10:11:27.0153 0x36b4  BridgeMP - ok
10:11:27.0190 0x36b4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:11:27.0195 0x36b4  Browser - ok
10:11:27.0224 0x36b4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:11:27.0239 0x36b4  Brserid - ok
10:11:27.0277 0x36b4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:11:27.0280 0x36b4  BrSerWdm - ok
10:11:27.0301 0x36b4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:11:27.0309 0x36b4  BrUsbMdm - ok
10:11:27.0314 0x36b4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:11:27.0315 0x36b4  BrUsbSer - ok
10:11:27.0334 0x36b4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:11:27.0338 0x36b4  BTHMODEM - ok
10:11:27.0379 0x36b4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:11:27.0384 0x36b4  bthserv - ok
10:11:27.0423 0x36b4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:11:27.0428 0x36b4  cdfs - ok
10:11:27.0475 0x36b4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
10:11:27.0482 0x36b4  cdrom - ok
10:11:27.0535 0x36b4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:11:27.0551 0x36b4  CertPropSvc - ok
10:11:27.0745 0x36b4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:11:27.0748 0x36b4  circlass - ok
10:11:27.0861 0x36b4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:11:27.0903 0x36b4  CLFS - ok
10:11:28.0061 0x36b4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:11:28.0069 0x36b4  clr_optimization_v2.0.50727_32 - ok
10:11:28.0148 0x36b4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:11:28.0153 0x36b4  clr_optimization_v2.0.50727_64 - ok
10:11:28.0419 0x36b4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:11:28.0568 0x36b4  clr_optimization_v4.0.30319_32 - ok
10:11:28.0596 0x36b4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:11:28.0657 0x36b4  clr_optimization_v4.0.30319_64 - ok
10:11:28.0727 0x36b4  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
10:11:28.0730 0x36b4  clwvd - ok
10:11:28.0824 0x36b4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:11:28.0833 0x36b4  CmBatt - ok
10:11:28.0862 0x36b4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:11:28.0878 0x36b4  cmdide - ok
10:11:29.0007 0x36b4  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:11:29.0062 0x36b4  CNG - ok
10:11:29.0108 0x36b4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:11:29.0117 0x36b4  Compbatt - ok
10:11:29.0175 0x36b4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:11:29.0178 0x36b4  CompositeBus - ok
10:11:29.0194 0x36b4  COMSysApp - ok
10:11:29.0211 0x36b4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:11:29.0214 0x36b4  crcdisk - ok
10:11:29.0285 0x36b4  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:11:29.0293 0x36b4  CryptSvc - ok
10:11:30.0271 0x36b4  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:11:30.0346 0x36b4  cvhsvc - ok
10:11:30.0487 0x36b4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:11:30.0530 0x36b4  DcomLaunch - ok
10:11:30.0826 0x36b4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:11:30.0911 0x36b4  defragsvc - ok
10:11:30.0958 0x36b4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:11:30.0963 0x36b4  DfsC - ok
10:11:30.0998 0x36b4  [ A64CC0B5D93F25BF5D052A1FEBE71E68, 839EC10F08397F8DC0BB7CEB170A84A85865E4ABB7B11A4CEE63275B6F5AA517 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
10:11:31.0002 0x36b4  dg_ssudbus - ok
10:11:31.0064 0x36b4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:11:31.0074 0x36b4  Dhcp - ok
10:11:31.0103 0x36b4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:11:31.0105 0x36b4  discache - ok
10:11:31.0161 0x36b4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:11:31.0165 0x36b4  Disk - ok
10:11:31.0216 0x36b4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:11:31.0223 0x36b4  Dnscache - ok
10:11:31.0260 0x36b4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:11:31.0269 0x36b4  dot3svc - ok
10:11:31.0295 0x36b4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:11:31.0302 0x36b4  DPS - ok
10:11:31.0331 0x36b4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:11:31.0333 0x36b4  drmkaud - ok
10:11:31.0526 0x36b4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:11:31.0643 0x36b4  DXGKrnl - ok
10:11:32.0046 0x36b4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:11:32.0051 0x36b4  EapHost - ok
10:11:32.0485 0x36b4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:11:32.0653 0x36b4  ebdrv - ok
10:11:32.0795 0x36b4  [ 0C3F9EFF8DDD9F9EB56D754B4620155F, D81F2DF707E9A3852BB0CE30883B86D722EA1E7585E7A7D1BC3E081E0A4FDFDB ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:11:32.0871 0x36b4  eeCtrl - ok
10:11:32.0908 0x36b4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
10:11:32.0912 0x36b4  EFS - ok
10:11:33.0090 0x36b4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:11:33.0150 0x36b4  ehRecvr - ok
10:11:33.0185 0x36b4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:11:33.0191 0x36b4  ehSched - ok
10:11:33.0244 0x36b4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:11:33.0274 0x36b4  elxstor - ok
10:11:33.0358 0x36b4  [ 8C0F9B877BC0B7FFD327EF55F9EFB642, 238FB9A33DE89BC2D0F38734A44E16B6FE0E8806CDF9C09C0F238239DC9DA74B ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:11:33.0365 0x36b4  EraserUtilRebootDrv - ok
10:11:33.0427 0x36b4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:11:33.0429 0x36b4  ErrDev - ok
10:11:33.0517 0x36b4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:11:33.0556 0x36b4  EventSystem - ok
10:11:33.0578 0x36b4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:11:33.0585 0x36b4  exfat - ok
10:11:33.0614 0x36b4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:11:33.0621 0x36b4  fastfat - ok
10:11:33.0791 0x36b4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:11:33.0883 0x36b4  Fax - ok
10:11:33.0981 0x36b4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:11:33.0990 0x36b4  fdc - ok
10:11:34.0038 0x36b4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:11:34.0042 0x36b4  fdPHost - ok
10:11:34.0059 0x36b4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:11:34.0063 0x36b4  FDResPub - ok
10:11:34.0080 0x36b4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:11:34.0084 0x36b4  FileInfo - ok
10:11:34.0101 0x36b4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:11:34.0104 0x36b4  Filetrace - ok
10:11:34.0125 0x36b4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:11:34.0127 0x36b4  flpydisk - ok
10:11:34.0177 0x36b4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:11:34.0221 0x36b4  FltMgr - ok
10:11:34.0337 0x36b4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:11:34.0452 0x36b4  FontCache - ok
10:11:34.0581 0x36b4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:11:34.0585 0x36b4  FontCache3.0.0.0 - ok
10:11:34.0610 0x36b4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:11:34.0615 0x36b4  FsDepends - ok
10:11:34.0643 0x36b4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:11:34.0646 0x36b4  Fs_Rec - ok
10:11:34.0717 0x36b4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:11:34.0727 0x36b4  fvevol - ok
10:11:34.0742 0x36b4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:11:34.0746 0x36b4  gagp30kx - ok
10:11:34.0810 0x36b4  [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
10:11:34.0818 0x36b4  GameConsoleService - ok
10:11:34.0879 0x36b4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:11:34.0900 0x36b4  gpsvc - ok
10:11:34.0986 0x36b4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:11:34.0991 0x36b4  gupdate - ok
10:11:34.0999 0x36b4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:11:35.0002 0x36b4  gupdatem - ok
10:11:35.0033 0x36b4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:11:35.0041 0x36b4  hcw85cir - ok
10:11:35.0119 0x36b4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:11:35.0131 0x36b4  HdAudAddService - ok
10:11:35.0164 0x36b4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:11:35.0174 0x36b4  HDAudBus - ok
10:11:35.0242 0x36b4  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
10:11:35.0245 0x36b4  HECIx64 - ok
10:11:35.0272 0x36b4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:11:35.0276 0x36b4  HidBatt - ok
10:11:35.0292 0x36b4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:11:35.0297 0x36b4  HidBth - ok
10:11:35.0312 0x36b4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:11:35.0315 0x36b4  HidIr - ok
10:11:35.0338 0x36b4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
10:11:35.0341 0x36b4  hidserv - ok
10:11:35.0383 0x36b4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:11:35.0391 0x36b4  HidUsb - ok
10:11:35.0418 0x36b4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:11:35.0424 0x36b4  hkmsvc - ok
10:11:35.0465 0x36b4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:11:35.0475 0x36b4  HomeGroupListener - ok
10:11:35.0514 0x36b4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:11:35.0526 0x36b4  HomeGroupProvider - ok
10:11:35.0891 0x36b4  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
10:11:35.0896 0x36b4  HP Support Assistant Service - ok
10:11:36.0121 0x36b4  [ C930128C8F8FF03D8F8C42B570920D56, 6D44373F466A580EFB9866FA4FACB4951C522893C2A1877ED0E462460B90E241 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
10:11:36.0125 0x36b4  HP Wireless Assistant Service - ok
10:11:36.0155 0x36b4  [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
10:11:36.0164 0x36b4  HPClientSvc - ok
10:11:36.0341 0x36b4  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
10:11:36.0386 0x36b4  hpqwmiex - ok
10:11:36.0497 0x36b4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:11:36.0502 0x36b4  HpSAMD - ok
10:11:36.0621 0x36b4  [ F630DD7564EBB7248A13B1CC774D9EA6, 53BDFDB7177606DCBB5098A417542F181487227FB73C5C93BE1275752D2C002A ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
10:11:36.0626 0x36b4  HPWMISVC - ok
10:11:36.0792 0x36b4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:11:36.0835 0x36b4  HTTP - ok
10:11:36.0902 0x36b4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:11:36.0911 0x36b4  hwpolicy - ok
10:11:36.0964 0x36b4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:11:36.0969 0x36b4  i8042prt - ok
10:11:37.0023 0x36b4  [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:11:37.0037 0x36b4  iaStor - ok
10:11:37.0089 0x36b4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:11:37.0137 0x36b4  iaStorV - ok
10:11:37.0536 0x36b4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:11:37.0675 0x36b4  idsvc - ok
10:11:37.0974 0x36b4  [ 18C40C3F368323B203ACE403CB430DB1, 068B4487EEE698DD4A6A99C4C26D5331566EE2AB263C86ADA0E5D878AA4BDB59 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20120419.001\IDSvia64.sys
10:11:38.0005 0x36b4  IDSVia64 - ok
10:11:38.0061 0x36b4  IEEtwCollectorService - ok
10:11:38.0120 0x36b4  IePluginService - ok
10:11:39.0535 0x36b4  [ 898AB5BFED7040D7AB07AF01885EB944, 72B140D6A62A8AF9439FA7061D8014EE7D1D49EC9EE6524881749A7C85926721 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:11:39.0943 0x36b4  igfx - ok
10:11:40.0016 0x36b4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:11:40.0019 0x36b4  iirsp - ok
10:11:40.0094 0x36b4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:11:40.0135 0x36b4  IKEEXT - ok
10:11:40.0197 0x36b4  [ 4B6363CD4610BB848531BB260B15DFCC, 13A8AA9571497086341AC00797EFF212FF76EE62F9CFF758D3C08B377EC7BF04 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
10:11:40.0202 0x36b4  Impcd - ok
10:11:40.0350 0x36b4  [ D311E2DD59A34079D89C249B2A4D9FDB, F2DB1DBD5619A48545434983DDB5260A610F22B37E1D81720B688FEF95C9AD07 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:11:40.0488 0x36b4  IntcAzAudAddService - ok
10:11:40.0549 0x36b4  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
10:11:40.0558 0x36b4  IntcDAud - ok
10:11:40.0587 0x36b4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:11:40.0589 0x36b4  intelide - ok
10:11:40.0617 0x36b4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:11:40.0621 0x36b4  intelppm - ok
10:11:40.0643 0x36b4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:11:40.0648 0x36b4  IPBusEnum - ok
10:11:40.0677 0x36b4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:11:40.0681 0x36b4  IpFilterDriver - ok
10:11:40.0843 0x36b4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:11:40.0898 0x36b4  iphlpsvc - ok
10:11:40.0926 0x36b4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:11:40.0930 0x36b4  IPMIDRV - ok
10:11:40.0970 0x36b4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:11:40.0975 0x36b4  IPNAT - ok
10:11:41.0001 0x36b4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:11:41.0004 0x36b4  IRENUM - ok
10:11:41.0015 0x36b4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:11:41.0018 0x36b4  isapnp - ok
10:11:41.0171 0x36b4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:11:41.0197 0x36b4  iScsiPrt - ok
10:11:41.0254 0x36b4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
10:11:41.0264 0x36b4  kbdclass - ok
10:11:41.0314 0x36b4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:11:41.0319 0x36b4  kbdhid - ok
10:11:41.0338 0x36b4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:11:41.0342 0x36b4  KeyIso - ok
10:11:41.0369 0x36b4  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:11:41.0373 0x36b4  KSecDD - ok
10:11:41.0407 0x36b4  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:11:41.0413 0x36b4  KSecPkg - ok
10:11:41.0454 0x36b4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:11:41.0457 0x36b4  ksthunk - ok
10:11:41.0504 0x36b4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:11:41.0518 0x36b4  KtmRm - ok
10:11:41.0564 0x36b4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
10:11:41.0576 0x36b4  LanmanServer - ok
10:11:41.0620 0x36b4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:11:41.0626 0x36b4  LanmanWorkstation - ok
10:11:41.0657 0x36b4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:11:41.0661 0x36b4  lltdio - ok
10:11:41.0707 0x36b4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:11:41.0721 0x36b4  lltdsvc - ok
10:11:41.0743 0x36b4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:11:41.0749 0x36b4  lmhosts - ok
10:11:41.0920 0x36b4  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:11:41.0932 0x36b4  LMS - ok
10:11:41.0974 0x36b4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:11:41.0981 0x36b4  LSI_FC - ok
10:11:41.0999 0x36b4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:11:42.0003 0x36b4  LSI_SAS - ok
10:11:42.0019 0x36b4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:11:42.0023 0x36b4  LSI_SAS2 - ok
10:11:42.0035 0x36b4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:11:42.0039 0x36b4  LSI_SCSI - ok
10:11:42.0059 0x36b4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:11:42.0065 0x36b4  luafv - ok
10:11:42.0110 0x36b4  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
10:11:42.0113 0x36b4  MBAMProtector - ok
10:11:42.0369 0x36b4  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:11:42.0435 0x36b4  MBAMScheduler - ok
10:11:42.0507 0x36b4  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:11:42.0541 0x36b4  MBAMService - ok
10:11:42.0624 0x36b4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:11:42.0628 0x36b4  Mcx2Svc - ok
10:11:42.0850 0x36b4  [ 214F41BDFC967A22C7F24CBB1E500680, FB17F1735AD2A7AA4DE10C4D89D0661E9339E146698B7B478C57268A953945C1 ] MediaDevSrv     C:\ProgramData\MediaDev\1398496685\mediadev.exe
10:11:42.0866 0x36b4  MediaDevSrv - ok
10:11:42.0896 0x36b4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:11:42.0900 0x36b4  megasas - ok
10:11:42.0927 0x36b4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:11:42.0938 0x36b4  MegaSR - ok
10:11:43.0020 0x36b4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:11:43.0025 0x36b4  MMCSS - ok
10:11:43.0038 0x36b4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:11:43.0042 0x36b4  Modem - ok
10:11:43.0068 0x36b4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:11:43.0071 0x36b4  monitor - ok
10:11:43.0087 0x36b4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:11:43.0091 0x36b4  mouclass - ok
10:11:43.0112 0x36b4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:11:43.0115 0x36b4  mouhid - ok
10:11:43.0141 0x36b4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:11:43.0146 0x36b4  mountmgr - ok
10:11:43.0206 0x36b4  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:11:43.0212 0x36b4  MozillaMaintenance - ok
10:11:43.0237 0x36b4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:11:43.0244 0x36b4  mpio - ok
10:11:43.0280 0x36b4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:11:43.0284 0x36b4  mpsdrv - ok
10:11:43.0552 0x36b4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:11:43.0602 0x36b4  MpsSvc - ok
10:11:43.0985 0x36b4  [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B2C5FC7B6FDBA05 ] MREMP50         C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
10:11:43.0994 0x36b4  MREMP50 - ok
10:11:44.0119 0x36b4  [ C2758DF79C83A0D12A5599A040CA1818, 236641D2AD596CDC53AE8407F7A7AA02719764CCC7E6D5C547F41FE7C1D67BB5 ] MREMP50a64      C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
10:11:44.0134 0x36b4  MREMP50a64 - ok
10:11:44.0141 0x36b4  MREMPR5 - ok
10:11:44.0148 0x36b4  MRENDIS5 - ok
10:11:44.0262 0x36b4  [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] MRESP50         C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
10:11:44.0267 0x36b4  MRESP50 - ok
10:11:44.0295 0x36b4  [ 38BD5B32E0722752BE8465D2A6DA43D9, EE009F141D77A858C84B4294F4FF51ECA400D48B3AD735FAC99EEF4E3E00E9EE ] MRESP50a64      C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS
10:11:44.0299 0x36b4  MRESP50a64 - ok
10:11:44.0404 0x36b4  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:11:44.0412 0x36b4  MRxDAV - ok
10:11:44.0445 0x36b4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:11:44.0453 0x36b4  mrxsmb - ok
10:11:44.0477 0x36b4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:11:44.0500 0x36b4  mrxsmb10 - ok
10:11:44.0522 0x36b4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:11:44.0532 0x36b4  mrxsmb20 - ok
10:11:44.0573 0x36b4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:11:44.0583 0x36b4  msahci - ok
10:11:44.0643 0x36b4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:11:44.0651 0x36b4  msdsm - ok
10:11:44.0706 0x36b4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:11:44.0718 0x36b4  MSDTC - ok
10:11:44.0764 0x36b4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:11:44.0774 0x36b4  Msfs - ok
10:11:44.0814 0x36b4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:11:44.0817 0x36b4  mshidkmdf - ok
10:11:44.0847 0x36b4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:11:44.0850 0x36b4  msisadrv - ok
10:11:44.0889 0x36b4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:11:44.0901 0x36b4  MSiSCSI - ok
10:11:44.0906 0x36b4  msiserver - ok
10:11:44.0934 0x36b4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:11:44.0936 0x36b4  MSKSSRV - ok
10:11:44.0961 0x36b4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:11:44.0964 0x36b4  MSPCLOCK - ok
10:11:44.0977 0x36b4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:11:44.0979 0x36b4  MSPQM - ok
10:11:45.0021 0x36b4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:11:45.0033 0x36b4  MsRPC - ok
10:11:45.0073 0x36b4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:11:45.0079 0x36b4  mssmbios - ok
10:11:45.0107 0x36b4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:11:45.0113 0x36b4  MSTEE - ok
10:11:45.0135 0x36b4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:11:45.0146 0x36b4  MTConfig - ok
10:11:45.0189 0x36b4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:11:45.0194 0x36b4  Mup - ok
10:11:45.0266 0x36b4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:11:45.0318 0x36b4  napagent - ok
10:11:45.0388 0x36b4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:11:45.0398 0x36b4  NativeWifiP - ok
10:11:45.0480 0x36b4  [ E78A365CC3E0FBFC018A33DCE01909F8, 0A414BDD8F8FB4BA493B8FBE9EB63377D9BB0A6800C55B2E3500913CF0F96AC6 ] NAV             C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
10:11:45.0485 0x36b4  NAV - ok
10:11:45.0567 0x36b4  [ 2DBE90210DE76BE6E1653BB20EC70EC2, E5AB955082084EB2261C801E74C1EEBEC26472DB3EE803C65C5ADF5A92527F07 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120419.019\ENG64.SYS
10:11:45.0573 0x36b4  NAVENG - ok
10:11:45.0690 0x36b4  [ 346DA70E203B8E2C850277713DE8F71B, 3F9359A3E2CC9B6158A9549E6786C6622BDA6E8851EDE0EF73F9AC8145F86D35 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120419.019\EX64.SYS
10:11:45.0843 0x36b4  NAVEX15 - ok
10:11:46.0395 0x36b4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:11:46.0477 0x36b4  NDIS - ok
10:11:46.0525 0x36b4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:11:46.0527 0x36b4  NdisCap - ok
10:11:46.0548 0x36b4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:11:46.0551 0x36b4  NdisTapi - ok
10:11:46.0593 0x36b4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:11:46.0596 0x36b4  Ndisuio - ok
10:11:46.0635 0x36b4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:11:46.0643 0x36b4  NdisWan - ok
10:11:46.0685 0x36b4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:11:46.0694 0x36b4  NDProxy - ok
10:11:46.0733 0x36b4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:11:46.0738 0x36b4  NetBIOS - ok
10:11:46.0777 0x36b4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:11:46.0787 0x36b4  NetBT - ok
10:11:46.0865 0x36b4  [ A67C9313FF34D6AD345DC871D0095D88, 0834A0CB3A7A4E953013D0421F4818804EEDF644A1CE818B2546B33CEEA99F19 ] nethfdrv        C:\Windows\system32\drivers\nethfdrv.sys
10:11:46.0869 0x36b4  nethfdrv - ok
10:11:47.0889 0x36b4  [ E21F14CFD4668FFDAC95E750A0230AE0, 3B232DB25A3FA6C80384B52AD6E210268BB4346FA35263E92DE01BFB2644FD34 ] NetHttpService  C:\Windows\SysWOW64\nethtsrv.exe
10:11:47.0898 0x36b4  NetHttpService - ok
10:11:47.0920 0x36b4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
10:11:47.0924 0x36b4  Netlogon - ok
10:11:47.0973 0x36b4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:11:47.0989 0x36b4  Netman - ok
10:11:48.0400 0x36b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:11:48.0474 0x36b4  NetMsmqActivator - ok
10:11:48.0496 0x36b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:11:48.0499 0x36b4  NetPipeActivator - ok
10:11:48.0611 0x36b4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:11:48.0635 0x36b4  netprofm - ok
10:11:48.0718 0x36b4  [ 24CF1304D899124336F67F88F3C15E21, B48FF3D4793A39BBC570F6E4840FD3CF5341C988DA9256EA292CA1E6B280163E ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
10:11:48.0797 0x36b4  netr28x - ok
10:11:48.0829 0x36b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:11:48.0834 0x36b4  NetTcpActivator - ok
10:11:48.0859 0x36b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:11:48.0863 0x36b4  NetTcpPortSharing - ok
10:11:49.0451 0x36b4  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
10:11:49.0718 0x36b4  netw5v64 - ok
10:11:49.0841 0x36b4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:11:49.0844 0x36b4  nfrd960 - ok
10:11:49.0898 0x36b4  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:11:49.0911 0x36b4  NlaSvc - ok
10:11:50.0366 0x36b4  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
10:11:50.0551 0x36b4  NOBU - ok
10:11:50.0620 0x36b4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:11:50.0623 0x36b4  Npfs - ok
10:11:50.0652 0x36b4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:11:50.0662 0x36b4  nsi - ok
10:11:50.0682 0x36b4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:11:50.0684 0x36b4  nsiproxy - ok
10:11:50.0804 0x36b4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:11:50.0905 0x36b4  Ntfs - ok
10:11:50.0949 0x36b4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:11:50.0952 0x36b4  Null - ok
10:11:50.0989 0x36b4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:11:50.0996 0x36b4  nvraid - ok
10:11:51.0016 0x36b4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:11:51.0023 0x36b4  nvstor - ok
10:11:51.0044 0x36b4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:11:51.0048 0x36b4  nv_agp - ok
10:11:51.0077 0x36b4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:11:51.0081 0x36b4  ohci1394 - ok
10:11:51.0137 0x36b4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:11:51.0143 0x36b4  ose - ok
10:11:51.0775 0x36b4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:11:52.0113 0x36b4  osppsvc - ok
10:11:52.0156 0x36b4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:11:52.0181 0x36b4  p2pimsvc - ok
10:11:52.0277 0x36b4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:11:52.0301 0x36b4  p2psvc - ok
10:11:52.0365 0x36b4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:11:52.0370 0x36b4  Parport - ok
10:11:52.0399 0x36b4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:11:52.0403 0x36b4  partmgr - ok
10:11:52.0430 0x36b4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:11:52.0438 0x36b4  PcaSvc - ok
10:11:52.0491 0x36b4  [ 6D2C447FF3E16F04B3E517426F7840C8, 0138B53B331F921F7FAE3272DB4C6A27CAC16EDD9DF59991BD06BAF4745A7148 ] pcCMService64   C:\Program Files\Common Files\Motive\pcCMService.exe
10:11:52.0509 0x36b4  pcCMService64 - ok
10:11:52.0551 0x36b4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:11:52.0559 0x36b4  pci - ok
10:11:52.0600 0x36b4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:11:52.0602 0x36b4  pciide - ok
10:11:52.0652 0x36b4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:11:52.0659 0x36b4  pcmcia - ok
10:11:52.0682 0x36b4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:11:52.0686 0x36b4  pcw - ok
10:11:52.0769 0x36b4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:11:52.0823 0x36b4  PEAUTH - ok
10:11:52.0892 0x36b4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:11:52.0895 0x36b4  PerfHost - ok
10:11:53.0113 0x36b4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:11:53.0178 0x36b4  pla - ok
10:11:53.0269 0x36b4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:11:53.0317 0x36b4  PlugPlay - ok
10:11:53.0357 0x36b4  [ A010F13D27C1033A8BE09D5FA9BF348B, 5536A233554C469F270046ADEE12A158F70E2D8BE776BAD0925235B015567D46 ] pneteth         C:\Windows\system32\DRIVERS\pneteth.sys
10:11:53.0364 0x36b4  pneteth - ok
10:11:53.0420 0x36b4  [ 06841F5CD8410B6BDC0B5A631B8F8787, 95CA940AAE0C713C7161899D7DD7109FC985B60A1B3817C4243ED9870DA5FDE0 ] pnetmdm         C:\Windows\system32\DRIVERS\pnetmdm64.sys
10:11:53.0422 0x36b4  pnetmdm - ok
10:11:53.0444 0x36b4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:11:53.0449 0x36b4  PNRPAutoReg - ok
10:11:53.0479 0x36b4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:11:53.0490 0x36b4  PNRPsvc - ok
10:11:53.0545 0x36b4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:11:53.0575 0x36b4  PolicyAgent - ok
10:11:53.0607 0x36b4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:11:53.0617 0x36b4  Power - ok
10:11:53.0766 0x36b4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:11:53.0778 0x36b4  PptpMiniport - ok
10:11:53.0875 0x36b4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:11:53.0880 0x36b4  Processor - ok
10:11:53.0934 0x36b4  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:11:53.0942 0x36b4  ProfSvc - ok
10:11:53.0961 0x36b4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:11:53.0964 0x36b4  ProtectedStorage - ok
10:11:54.0017 0x36b4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:11:54.0023 0x36b4  Psched - ok
10:11:54.0290 0x36b4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:11:54.0394 0x36b4  ql2300 - ok
10:11:54.0464 0x36b4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:11:54.0470 0x36b4  ql40xx - ok
10:11:54.0535 0x36b4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:11:54.0558 0x36b4  QWAVE - ok
10:11:54.0729 0x36b4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:11:54.0753 0x36b4  QWAVEdrv - ok
10:11:54.0829 0x36b4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:11:54.0838 0x36b4  RasAcd - ok
10:11:54.0873 0x36b4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:11:54.0877 0x36b4  RasAgileVpn - ok
10:11:55.0296 0x36b4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:11:55.0301 0x36b4  RasAuto - ok
10:11:55.0383 0x36b4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:11:55.0389 0x36b4  Rasl2tp - ok
10:11:55.0945 0x36b4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:11:55.0975 0x36b4  RasMan - ok
10:11:56.0019 0x36b4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:11:56.0024 0x36b4  RasPppoe - ok
10:11:56.0093 0x36b4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:11:56.0115 0x36b4  RasSstp - ok
10:11:56.0484 0x36b4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:11:56.0496 0x36b4  rdbss - ok
10:11:56.0741 0x36b4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:11:56.0798 0x36b4  rdpbus - ok
10:11:56.0826 0x36b4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:11:56.0828 0x36b4  RDPCDD - ok
10:11:57.0305 0x36b4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:11:57.0311 0x36b4  RDPENCDD - ok
10:11:57.0361 0x36b4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:11:57.0366 0x36b4  RDPREFMP - ok
10:11:57.0492 0x36b4  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:11:57.0501 0x36b4  RDPWD - ok
10:11:58.0381 0x36b4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:11:58.0412 0x36b4  rdyboost - ok
10:11:58.0663 0x36b4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:11:58.0671 0x36b4  RemoteAccess - ok
10:11:58.0775 0x36b4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:11:58.0783 0x36b4  RemoteRegistry - ok
10:11:58.0957 0x36b4  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
10:11:58.0983 0x36b4  ROOTMODEM - ok
10:12:00.0093 0x36b4  [ C1568E17039B2EC2B73A4F880DDD51E5, B193BA01D3EA9EF8052F2053CB70DC528232F21FECBE78C83E8048A7F90E8951 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
10:12:00.0108 0x36b4  RoxioNow Service - ok
10:12:00.0170 0x36b4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:12:00.0175 0x36b4  RpcEptMapper - ok
10:12:00.0620 0x36b4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:12:00.0624 0x36b4  RpcLocator - ok
10:12:00.0805 0x36b4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:12:00.0822 0x36b4  RpcSs - ok
10:12:00.0888 0x36b4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:12:00.0892 0x36b4  rspndr - ok
10:12:00.0964 0x36b4  [ 22D6B47D004A6568C500680BE2972854, 6FDDF4C0CE6211A49D0BE6529253754319D094AF3E306F87C3EE8986FB188671 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
10:12:00.0973 0x36b4  RSUSBSTOR - ok
10:12:01.0007 0x36b4  [ 4FBDA07EF0A3097CE14C5CABF723B278, 6F1E21362F0057E9C6A180D9189AEB51761F4C019A6835E50E4AD19ED1F58FE6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:12:01.0028 0x36b4  RTL8167 - ok
10:12:01.0083 0x36b4  [ 4EA7E5DF0CB237156176FA0349E6E87F, 542C5291369009FD9B52B5939E3B55E4CC37056E03815986CA1C1EFCFB52F5D6 ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
10:12:01.0093 0x36b4  RtVOsdService - ok
10:12:01.0115 0x36b4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
10:12:01.0117 0x36b4  SamSs - ok
10:12:01.0204 0x36b4  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
10:12:01.0206 0x36b4  SASDIFSV - ok
10:12:01.0256 0x36b4  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
10:12:01.0259 0x36b4  SASKUTIL - ok
10:12:01.0294 0x36b4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:12:01.0298 0x36b4  sbp2port - ok
10:12:01.0323 0x36b4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:12:01.0331 0x36b4  SCardSvr - ok
10:12:01.0358 0x36b4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:12:01.0362 0x36b4  scfilter - ok
10:12:01.0468 0x36b4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:12:01.0530 0x36b4  Schedule - ok
10:12:01.0587 0x36b4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:12:01.0589 0x36b4  SCPolicySvc - ok
10:12:01.0662 0x36b4  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
10:12:01.0668 0x36b4  sdbus - ok
10:12:01.0683 0x36b4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:12:01.0691 0x36b4  SDRSVC - ok
10:12:01.0716 0x36b4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:12:01.0724 0x36b4  secdrv - ok
10:12:01.0825 0x36b4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:12:01.0832 0x36b4  seclogon - ok
10:12:01.0857 0x36b4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
10:12:01.0868 0x36b4  SENS - ok
10:12:01.0941 0x36b4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:12:01.0945 0x36b4  SensrSvc - ok
10:12:01.0977 0x36b4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:12:01.0980 0x36b4  Serenum - ok
10:12:01.0997 0x36b4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:12:02.0003 0x36b4  Serial - ok
10:12:02.0042 0x36b4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:12:02.0045 0x36b4  sermouse - ok
10:12:02.0133 0x36b4  [ B2DC01AEE6913294F927AB04902A2E73, 80D90BB8525848978A0A174409C65F51B331513AB9451D4962082BFBA2B20198 ] ServiceUpdater  C:\Windows\SysWOW64\netupdsrv.exe
10:12:02.0139 0x36b4  ServiceUpdater - ok
10:12:02.0192 0x36b4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:12:02.0198 0x36b4  SessionEnv - ok
10:12:02.0223 0x36b4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:12:02.0228 0x36b4  sffdisk - ok
10:12:02.0251 0x36b4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:12:02.0258 0x36b4  sffp_mmc - ok
10:12:02.0311 0x36b4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:12:02.0313 0x36b4  sffp_sd - ok
10:12:02.0336 0x36b4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:12:02.0338 0x36b4  sfloppy - ok
10:12:02.0410 0x36b4  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
10:12:02.0447 0x36b4  Sftfs - ok
10:12:02.0547 0x36b4  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:12:02.0562 0x36b4  sftlist - ok
10:12:02.0637 0x36b4  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:12:02.0679 0x36b4  Sftplay - ok
10:12:02.0732 0x36b4  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:12:02.0735 0x36b4  Sftredir - ok
10:12:02.0752 0x36b4  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
10:12:02.0756 0x36b4  Sftvol - ok
10:12:02.0809 0x36b4  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:12:02.0818 0x36b4  sftvsa - ok
10:12:02.0869 0x36b4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:12:02.0892 0x36b4  SharedAccess - ok
10:12:02.0936 0x36b4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:12:02.0976 0x36b4  ShellHWDetection - ok
10:12:03.0011 0x36b4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:12:03.0014 0x36b4  SiSRaid2 - ok
10:12:03.0036 0x36b4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:12:03.0042 0x36b4  SiSRaid4 - ok
10:12:03.0177 0x36b4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:12:03.0187 0x36b4  Smb - ok
10:12:03.0236 0x36b4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:12:03.0239 0x36b4  SNMPTRAP - ok
10:12:03.0256 0x36b4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:12:03.0260 0x36b4  spldr - ok
10:12:03.0361 0x36b4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
10:12:03.0403 0x36b4  Spooler - ok
10:12:04.0231 0x36b4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:12:04.0469 0x36b4  sppsvc - ok
10:12:04.0606 0x36b4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:12:04.0612 0x36b4  sppuinotify - ok
10:12:05.0054 0x36b4  [ 90EF30C3867BCDE4579C01A6D6E75A7A, 60A02EA23164561E09E783F5AED6016B5E2997667141EB4C7AD0ED64A66C4ADC ] SRTSP           C:\Windows\System32\Drivers\NAVx64\1207010.003\SRTSP64.SYS
10:12:05.0165 0x36b4  SRTSP - ok
10:12:05.0222 0x36b4  [ C513E8A5E7978DA49077F5484344EE1B, EC173DB62B7BADEA5CCB7C13CB46067427A514EA431DFCD124D0833D9E13E094 ] SRTSPX          C:\Windows\system32\drivers\NAVx64\1207010.003\SRTSPX64.SYS
10:12:05.0224 0x36b4  SRTSPX - ok
10:12:05.0266 0x36b4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:12:05.0311 0x36b4  srv - ok
10:12:05.0347 0x36b4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:12:05.0363 0x36b4  srv2 - ok
10:12:05.0398 0x36b4  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:12:05.0408 0x36b4  SrvHsfHDA - ok
10:12:05.0562 0x36b4  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:12:05.0631 0x36b4  SrvHsfV92 - ok
10:12:06.0153 0x36b4  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:12:06.0234 0x36b4  SrvHsfWinac - ok
10:12:06.0281 0x36b4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:12:06.0286 0x36b4  srvnet - ok
10:12:06.0386 0x36b4  [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
10:12:06.0394 0x36b4  ssadbus - ok
10:12:06.0438 0x36b4  [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
10:12:06.0440 0x36b4  ssadmdfl - ok
10:12:06.0473 0x36b4  [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
10:12:06.0480 0x36b4  ssadmdm - ok
10:12:06.0515 0x36b4  [ D33D1BD3EC0E766211A234F56A12726D, 53EEAA94865554F8422D111D717B548DF553B5B8647D2A45F3718BF4AEEBEC27 ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
10:12:06.0521 0x36b4  ssadserd - ok
10:12:06.0557 0x36b4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:12:06.0566 0x36b4  SSDPSRV - ok
10:12:06.0584 0x36b4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:12:06.0589 0x36b4  SstpSvc - ok
10:12:06.0610 0x36b4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:12:06.0614 0x36b4  stexstor - ok
10:12:06.0681 0x36b4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:12:06.0713 0x36b4  stisvc - ok
10:12:06.0776 0x36b4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:12:06.0779 0x36b4  swenum - ok
10:12:06.0861 0x36b4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:12:06.0893 0x36b4  swprv - ok
10:12:06.0955 0x36b4  [ 6160145C7A87FC7672E8E3B886888176, 16B79AD77C53D5CA3125BE45120BD62097975FEF144DBC681FF3C5D76CF3D7D8 ] SymDS           C:\Windows\system32\drivers\NAVx64\1207010.003\SYMDS64.SYS
10:12:06.0980 0x36b4  SymDS - ok
10:12:07.0054 0x36b4  [ 96AEED40D4D3521568B42027687E69E0, 0BF6E20349EBE7AA9F98D3DEB5C86C77C74CA2FEA5F15FF9A278556C09BFC639 ] SymEFA          C:\Windows\system32\drivers\NAVx64\1207010.003\SYMEFA64.SYS
10:12:07.0123 0x36b4  SymEFA - ok
10:12:07.0170 0x36b4  [ 21A1C2D694C3CF962D31F5E873AB3D6F, 4EB997BFF485A708BAD11C0CC53F750B40F968E69B532B5631840D105EC4344C ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:12:07.0177 0x36b4  SymEvent - ok
10:12:07.0231 0x36b4  [ BD0D711D8CBFCAA19CA123306EAF53A5, 89E76A0BA4C3EF43FE8BF7AD075E4311CF08CEA460B2352C06497BBEC7198849 ] SymIRON         C:\Windows\system32\drivers\NAVx64\1207010.003\Ironx64.SYS
10:12:07.0237 0x36b4  SymIRON - ok
10:12:07.0348 0x36b4  [ A6ADB3D83023F8DAA0F7B6FDA785D83B, 036A355654D2779FF930F863760D9877298D11CFA7DDCFEEFBF44D9466E28598 ] SymNetS         C:\Windows\System32\Drivers\NAVx64\1207010.003\SYMNETS.SYS
10:12:07.0402 0x36b4  SymNetS - ok
10:12:07.0553 0x36b4  [ 961CFAC2A5318E212F459D651F28E0A4, 4FA1C9E3BD527E3B5AE9268955C48FDE8E75F33C333DC0AE768DAFE1F49D0B1B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:12:07.0640 0x36b4  SynTP - ok
10:12:08.0070 0x36b4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:12:08.0158 0x36b4  SysMain - ok
10:12:08.0186 0x36b4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:12:08.0195 0x36b4  TabletInputService - ok
10:12:08.0258 0x36b4  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
10:12:08.0268 0x36b4  tap0901 - ok
10:12:08.0325 0x36b4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:12:08.0336 0x36b4  TapiSrv - ok
10:12:08.0355 0x36b4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:12:08.0360 0x36b4  TBS - ok
10:12:08.0775 0x36b4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:12:08.0932 0x36b4  Tcpip - ok
10:12:09.0183 0x36b4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:12:09.0292 0x36b4  TCPIP6 - ok
10:12:09.0345 0x36b4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:12:09.0350 0x36b4  tcpipreg - ok
10:12:09.0398 0x36b4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:12:09.0401 0x36b4  TDPIPE - ok
10:12:09.0431 0x36b4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:12:09.0440 0x36b4  TDTCP - ok
10:12:09.0499 0x36b4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:12:09.0506 0x36b4  tdx - ok
10:12:09.0704 0x36b4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:12:09.0708 0x36b4  TermDD - ok
10:12:09.0970 0x36b4  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
10:12:10.0014 0x36b4  TermService - ok
10:12:10.0045 0x36b4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:12:10.0048 0x36b4  Themes - ok
10:12:10.0072 0x36b4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:12:10.0076 0x36b4  THREADORDER - ok
10:12:10.0089 0x36b4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:12:10.0095 0x36b4  TrkWks - ok
10:12:10.0228 0x36b4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:12:10.0238 0x36b4  TrustedInstaller - ok
10:12:10.0308 0x36b4  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:12:10.0317 0x36b4  tssecsrv - ok
10:12:10.0394 0x36b4  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:12:10.0398 0x36b4  TsUsbFlt - ok
10:12:10.0439 0x36b4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:12:10.0448 0x36b4  tunnel - ok
10:12:10.0476 0x36b4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:12:10.0480 0x36b4  uagp35 - ok
10:12:10.0512 0x36b4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:12:10.0535 0x36b4  udfs - ok
10:12:10.0569 0x36b4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:12:10.0573 0x36b4  UI0Detect - ok
10:12:10.0616 0x36b4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:12:10.0619 0x36b4  uliagpkx - ok
10:12:10.0653 0x36b4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
10:12:10.0662 0x36b4  umbus - ok
10:12:10.0695 0x36b4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:12:10.0697 0x36b4  UmPass - ok
10:12:11.0099 0x36b4  [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:12:11.0230 0x36b4  UNS - ok
10:12:11.0424 0x36b4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:12:11.0467 0x36b4  upnphost - ok
10:12:11.0505 0x36b4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:12:11.0510 0x36b4  usbccgp - ok
10:12:11.0599 0x36b4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:12:11.0603 0x36b4  usbcir - ok
10:12:11.0733 0x36b4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:12:11.0738 0x36b4  usbehci - ok
10:12:11.0913 0x36b4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:12:11.0955 0x36b4  usbhub - ok
10:12:11.0994 0x36b4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:12:11.0998 0x36b4  usbohci - ok
10:12:12.0047 0x36b4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:12:12.0050 0x36b4  usbprint - ok
10:12:12.0100 0x36b4  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
10:12:12.0103 0x36b4  usbscan - ok
10:12:12.0136 0x36b4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:12:12.0141 0x36b4  USBSTOR - ok
10:12:12.0175 0x36b4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:12:12.0185 0x36b4  usbuhci - ok
10:12:12.0247 0x36b4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:12:12.0255 0x36b4  usbvideo - ok
10:12:12.0281 0x36b4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:12:12.0286 0x36b4  UxSms - ok
10:12:12.0330 0x36b4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
10:12:12.0331 0x36b4  VaultSvc - ok
10:12:12.0377 0x36b4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:12:12.0380 0x36b4  vdrvroot - ok
10:12:12.0679 0x36b4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:12:12.0751 0x36b4  vds - ok
10:12:12.0781 0x36b4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:12:12.0784 0x36b4  vga - ok
10:12:12.0801 0x36b4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:12:12.0805 0x36b4  VgaSave - ok
10:12:12.0844 0x36b4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:12:12.0853 0x36b4  vhdmp - ok
10:12:12.0882 0x36b4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:12:12.0885 0x36b4  viaide - ok
10:12:12.0899 0x36b4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:12:12.0903 0x36b4  volmgr - ok
10:12:13.0039 0x36b4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:12:13.0057 0x36b4  volmgrx - ok
10:12:13.0117 0x36b4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:12:13.0128 0x36b4  volsnap - ok
10:12:13.0162 0x36b4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:12:13.0170 0x36b4  vsmraid - ok
10:12:13.0285 0x36b4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:12:13.0366 0x36b4  VSS - ok
10:12:13.0520 0x36b4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:12:13.0531 0x36b4  vwifibus - ok
10:12:13.0676 0x36b4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:12:13.0679 0x36b4  vwififlt - ok
10:12:13.0939 0x36b4  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:12:13.0991 0x36b4  vwifimp - ok
10:12:14.0135 0x36b4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:12:14.0170 0x36b4  W32Time - ok
10:12:14.0203 0x36b4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:12:14.0206 0x36b4  WacomPen - ok
10:12:14.0258 0x36b4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:12:14.0264 0x36b4  WANARP - ok
10:12:14.0271 0x36b4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:12:14.0274 0x36b4  Wanarpv6 - ok
10:12:14.0590 0x36b4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
10:12:14.0663 0x36b4  WatAdminSvc - ok
10:12:14.0850 0x36b4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:12:14.0932 0x36b4  wbengine - ok
10:12:14.0996 0x36b4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:12:15.0008 0x36b4  WbioSrvc - ok
10:12:15.0142 0x36b4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:12:15.0174 0x36b4  wcncsvc - ok
10:12:15.0220 0x36b4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:12:15.0225 0x36b4  WcsPlugInService - ok
10:12:15.0313 0x36b4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:12:15.0316 0x36b4  Wd - ok
10:12:15.0399 0x36b4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:12:15.0465 0x36b4  Wdf01000 - ok
10:12:15.0508 0x36b4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:12:15.0520 0x36b4  WdiServiceHost - ok
10:12:15.0534 0x36b4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:12:15.0540 0x36b4  WdiSystemHost - ok
10:12:15.0585 0x36b4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:12:15.0605 0x36b4  WebClient - ok
10:12:15.0711 0x36b4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:12:15.0779 0x36b4  Wecsvc - ok
10:12:15.0803 0x36b4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:12:15.0813 0x36b4  wercplsupport - ok
10:12:15.0849 0x36b4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:12:15.0853 0x36b4  WerSvc - ok
10:12:15.0867 0x36b4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:12:15.0870 0x36b4  WfpLwf - ok
10:12:15.0894 0x36b4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:12:15.0897 0x36b4  WIMMount - ok
10:12:15.0933 0x36b4  WinDefend - ok
10:12:16.0183 0x36b4  [ 6D6ED9E42BA1DEF1EAB2B776EE83A67C, 2026F7036E22D7BD6C90F18221F9E7C92F316AAF5BB4055FBB2CAF912FCA84FA ] WinDevSvc       C:\Users\Peggy\AppData\Roaming\UpdateServ\UpdaterService.exe
10:12:16.0195 0x36b4  WinDevSvc - ok
10:12:16.0229 0x36b4  WinHttpAutoProxySvc - ok
10:12:16.0334 0x36b4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:12:16.0344 0x36b4  Winmgmt - ok
10:12:16.0613 0x36b4  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:12:16.0719 0x36b4  WinRM - ok
10:12:16.0790 0x36b4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:12:16.0795 0x36b4  WinUsb - ok
10:12:16.0868 0x36b4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:12:16.0916 0x36b4  Wlansvc - ok
10:12:16.0933 0x36b4  Have new async UDS detects: 2
10:12:16.0933 0x36b4  nethfdrv - detected UDS:DangerousObject.Multi.Generic ( 0 )
10:12:17.0057 0x36b4  nethfdrv ( UDS:DangerousObject.Multi.Generic ) - infected
10:12:17.0057 0x36b4  Force sending object to P2P due to detect: nethfdrv
10:12:22.0632 0x36b4  Object send P2P result: true
10:12:26.0525 0x36b4  NetHttpService - detected UDS:DangerousObject.Multi.Generic ( 0 )
10:12:26.0525 0x36b4  NetHttpService ( UDS:DangerousObject.Multi.Generic ) - infected
10:12:26.0525 0x36b4  Force sending object to P2P due to detect: NetHttpService
10:12:33.0344 0x36b4  Object send P2P result: true
10:12:39.0465 0x36b4  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:12:39.0580 0x36b4  wlidsvc - ok
10:12:39.0735 0x36b4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:12:39.0746 0x36b4  WmiAcpi - ok
10:12:39.0789 0x36b4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:12:39.0797 0x36b4  wmiApSrv - ok
10:12:39.0848 0x36b4  WMPNetworkSvc - ok
10:12:39.0873 0x36b4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:12:39.0880 0x36b4  WPCSvc - ok
10:12:39.0950 0x36b4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:12:39.0958 0x36b4  WPDBusEnum - ok
10:12:40.0001 0x36b4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:12:40.0003 0x36b4  ws2ifsl - ok
10:12:40.0136 0x36b4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
10:12:40.0142 0x36b4  wscsvc - ok
10:12:40.0147 0x36b4  WSearch - ok
10:12:40.0574 0x36b4  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:12:40.0688 0x36b4  wuauserv - ok
10:12:40.0778 0x36b4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:12:40.0783 0x36b4  WudfPf - ok
10:12:40.0808 0x36b4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:12:40.0817 0x36b4  WUDFRd - ok
10:12:40.0854 0x36b4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:12:40.0861 0x36b4  wudfsvc - ok
10:12:40.0954 0x36b4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:12:40.0965 0x36b4  WwanSvc - ok
10:12:41.0089 0x36b4  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
10:12:41.0110 0x36b4  yukonw7 - ok
10:12:41.0137 0x36b4  ================ Scan global ===============================
10:12:41.0190 0x36b4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:12:41.0432 0x36b4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:12:41.0449 0x36b4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:12:41.0538 0x36b4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:12:42.0266 0x36b4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:12:42.0295 0x36b4  [ Global ] - ok
10:12:42.0295 0x36b4  ================ Scan MBR ==================================
10:12:42.0378 0x36b4  [ 11F1D966A89457DB14CCEEE338B7B92B ] \Device\Harddisk0\DR0
10:12:46.0641 0x36b4  \Device\Harddisk0\DR0 - ok
10:12:46.0641 0x36b4  ================ Scan VBR ==================================
10:12:46.0760 0x36b4  [ 47E942E9F524468B68CA6E36D5224814 ] \Device\Harddisk0\DR0\Partition1
10:12:46.0770 0x36b4  \Device\Harddisk0\DR0\Partition1 - ok
10:12:46.0927 0x36b4  [ EB700DFC7BFACE117DD991097CD21635 ] \Device\Harddisk0\DR0\Partition2
10:12:46.0934 0x36b4  \Device\Harddisk0\DR0\Partition2 - ok
10:12:47.0368 0x36b4  [ 5CEF4E213A0344372C3C83BF5E37BD67 ] \Device\Harddisk0\DR0\Partition3
10:12:47.0374 0x36b4  \Device\Harddisk0\DR0\Partition3 - ok
10:12:47.0423 0x36b4  [ 7D1F437D2123E0AA7C3F027A78F3B1BA ] \Device\Harddisk0\DR0\Partition4
10:12:47.0426 0x36b4  \Device\Harddisk0\DR0\Partition4 - ok
10:12:47.0427 0x36b4  ================ Scan generic autorun ======================
10:12:47.0427 0x36b4  SynTPEnh - ok
10:12:47.0551 0x36b4  [ A0ABBAD8CE99CBF8467D697073B38E87, C71F58580D93F0B78BDA735DA6201A6F1BDA36CC9F72D15B4E6DD62D6C3A43D0 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
10:12:47.0562 0x36b4  HPWirelessAssistant - ok
10:12:47.0563 0x36b4  IgfxTray - ok
10:12:48.0271 0x36b4  [ A9E978F3CFD796B7A7EB989CE4728371, 9F150A9689B36354BD27F516EF2F6B29C4A473296F9A8035901F37A6EF008FA0 ] C:\Windows\system32\hkcmd.exe
10:12:48.0291 0x36b4  HotKeysCmds - ok
10:12:48.0589 0x36b4  [ AEF4B45370DBCF56C29A92F612DDB2E7, DFDEB8FC5136A97DB1A0E459B096D0C554812786FAB40DB9E2E59E5CCFEE3E7C ] C:\Windows\system32\igfxpers.exe
10:12:48.0650 0x36b4  Persistence - ok
10:12:49.0691 0x36b4  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
10:12:49.0773 0x36b4  NCPluginUpdater - ok
10:12:49.0774 0x36b4  Waiting for KSN requests completion. In queue: 17
10:12:50.0774 0x36b4  Waiting for KSN requests completion. In queue: 17
10:12:51.0774 0x36b4  Waiting for KSN requests completion. In queue: 4
10:12:52.0774 0x36b4  Waiting for KSN requests completion. In queue: 4
10:12:54.0061 0x36b4  AV detected via SS2: Norton AntiVirus, C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\WSCStub.exe ( 18.7.0.0 ), 0x50010 ( disabled : outofdate )
10:12:54.0169 0x36b4  Win FW state via NFP2: enabled
10:12:57.0829 0x36b4  ============================================================
10:12:57.0829 0x36b4  Scan finished
10:12:57.0829 0x36b4  ============================================================
10:12:57.0850 0x1324  Detected object count: 2
10:12:57.0850 0x1324  Actual detected object count: 2
10:14:22.0108 0x1324  C:\Windows\system32\drivers\nethfdrv.sys - copied to quarantine
10:14:22.0120 0x1324  HKLM\SYSTEM\ControlSet001\services\nethfdrv - will be deleted on reboot
10:14:22.0247 0x1324  HKLM\SYSTEM\ControlSet002\services\nethfdrv - will be deleted on reboot
10:14:22.0878 0x1324  C:\Windows\system32\drivers\nethfdrv.sys - will be deleted on reboot
10:14:22.0878 0x1324  nethfdrv ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
10:14:23.0072 0x1324  C:\Windows\SysWOW64\nethtsrv.exe - copied to quarantine
10:14:23.0072 0x1324  HKLM\SYSTEM\ControlSet001\services\NetHttpService - will be deleted on reboot
10:14:23.0073 0x1324  HKLM\SYSTEM\ControlSet002\services\NetHttpService - will be deleted on reboot
10:14:23.0083 0x1324  C:\Windows\SysWOW64\nethtsrv.exe - will be deleted on reboot
10:14:23.0083 0x1324  NetHttpService ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
10:14:23.0497 0x1324  KLMD registered as C:\Windows\system32\drivers\86443515.sys
10:15:08.0672 0x3758  Deinitialize success

 

I had to send results in two post because I received the message that it was to long. 
 

 



#4 psiegel

psiegel
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:03:29 AM

Posted 09 October 2014 - 06:48 PM

Second half of first reply with the rest of the reports:

Report from ADW Cleaner

 

# AdwCleaner v3.311 - Report created 09/10/2014 at 10:33:46
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Peggy - LILY
# Running from : C:\Users\Peggy\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : IePluginService
Service Deleted : ServiceUpdater

***** [ Files / Folders ] *****

Folder Deleted : C:\IePluginService
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\CostMin
Folder Deleted : C:\ProgramData\IePluginService
Folder Deleted : C:\ProgramData\UpdateCommon
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\CostMin
Folder Deleted : C:\Program Files (x86)\internethelper3.1
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Peggy\AppData\Local\torch
Folder Deleted : C:\Users\Peggy\AppData\Local\Temp\AirInstaller
Folder Deleted : C:\Users\Peggy\AppData\Local\Temp\webget
Folder Deleted : C:\Users\Peggy\AppData\Local\Temp\WiseEnhance
Folder Deleted : C:\Users\Peggy\AppData\Local\Temp\CT3289663
Folder Deleted : C:\Users\Peggy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Peggy\AppData\LocalLow\internethelper3.1
Folder Deleted : C:\Users\Peggy\AppData\Roaming\serv
Folder Deleted : C:\Users\Peggy\AppData\Roaming\SupTab
Folder Deleted : C:\Users\Peggy\AppData\Roaming\UpdaterEX
Folder Deleted : C:\Users\Peggy\AppData\Roaming\v9
Folder Deleted : C:\Users\Peggy\Documents\Optimizer Pro
Folder Deleted : C:\Users\Peggy\Documents\PC Health Kit
Folder Deleted : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\CT3289663
Folder Deleted : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\Extensions\quick_start@gmail.com
Folder Deleted : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\Extensions\m.mqo@rskoziig.net
Folder Deleted : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\Extensions\tg-ye@uylfvkbwuqp.org
Folder Deleted : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\Extensions\{07cbf788-1359-421b-a4e3-5a8d041b90a3}
Folder Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
Folder Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
Folder Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngmdijkhofmnefihbnhnpnkcgfpjflg
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
[!] Folder Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iloeaaibfcmdkmllibejfampkgpemaem
Folder Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim
File Deleted : C:\Users\Peggy\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx
File Deleted : C:\Windows\SysWOW64\hfpapi.dll
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\SysWOW64\netupdsrv.exe
File Deleted : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\invalidprefs.js
File Deleted : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\searchplugins\bingp.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\v9.xml
File Deleted : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\searchplugins\Web Search.xml
File Deleted : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\user.js
File Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage
File Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : AmiUpdXp
Task Deleted : UpdaterEX
Task Deleted : Your File Updater
Task Deleted : FF Watcher {60ABA86E-1A2F-403B-A129-091506FF48A5}
Task Deleted : FF Watcher {6A5FB5F3-6FAD-4A0D-98BB-5204A4E1E85B}

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3289663
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCEE70C6-FA43-4B67-A889-80AF260D2435}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0C481C2B-21BA-4CF6-87E5-7A78E4CF4E82}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C402389B-A456-4892-BA6A-B65E4BC86C1B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\click-n-mark
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\InternetHelper3.1
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Free_soft_today
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\V9Software
Key Deleted : HKLM\SOFTWARE\Wpm
Key Deleted : HKLM\SOFTWARE\InternetHelper3.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F5F003B-C71B-72E3-42B4-DE51AB079EB2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\prefs.js ]

Line Deleted : user_pref("CT3289663.FF19Solved", "true");
Line Deleted : user_pref("CT3289663.UserID", "UN33657308653108332");
Line Deleted : user_pref("CT3289663.fullUserID", "UN33657308653108332.IN.20130923230709");
Line Deleted : user_pref("CT3289663.installDate", "23/09/2013 23:07:10");
Line Deleted : user_pref("CT3289663.installSessionId", "{17F95FDD-DD8A-4A9D-A836-7965C0064BC5}");
Line Deleted : user_pref("CT3289663.installSp", "TRUE");
Line Deleted : user_pref("CT3289663.installerVersion", "1.7.0.9");
Line Deleted : user_pref("CT3289663.keyword", "true");
Line Deleted : user_pref("CT3289663.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3289663.searchRevert", "false");
Line Deleted : user_pref("CT3289663.searchUserMode", "2");
Line Deleted : user_pref("CT3289663.versionFromInstaller", "10.20.0.13");
Line Deleted : user_pref("CT3289663.xpeMode", "0");
Line Deleted : user_pref("CT3298567.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"ghe classroom\",\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fmail.google.com%2Fmail%2Fu%2F0%2F%3Fshva%3D1%23inbox%3Fcompose%3D13fdfcd972c39[...]
Line Deleted : user_pref("CT3303001.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"ghe classroom\",\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fmail.google.com%2Fmail%2Fu%2F0%2F%3Fshva%3D1%23inbox%3Fcompose%3D13fdfcd972c39[...]
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.v9.com/?type=hppp&ts=1402726890&from=ymb&uid=ST9500325AS_6VEMFQ6H&i=psd&t=34417232d");
Line Deleted : user_pref("extensions.J63ANtTFikJV.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sum[...]
Line Deleted : user_pref("extensions.crossrider.bic", "1428d5f36bab91b400b8bb389dbe790f");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.InstallationTime", 1385351297);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.active", true);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.addressbar", "NA");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.addressbarenhanced", "");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.asyncdb.was_copied", "true");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.asyncdb_dbWasSet", true);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.asyncdb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.asyncinternaldb.was_copied", "true");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.asyncinternaldb_dbWasSet", true);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.backgroundjs", "\n\n//\n");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.backgroundver", 11);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.can_run_bg_code", true);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.certdomaininstaller", "");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.changeprevious", false);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie.InstallationTime.value", "1385351297");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_aoi.value", "1385351297");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_country_code.expiration", "Fri May 02 2014 17:39:35 GMT-0700 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_country_code.value", "%22US%22");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_crr.value", "1398476247");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_currenttime.value", "%221391447614%22");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_hotfix20111102645.value", "%221%22");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%220%22%2C%22uzid%22%3A%220%22%7D");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_parent_zoneid.value", "%2214019%22");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_pc_20120828.value", "1385351578709");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_product_id.value", "%221350%22");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_zoneid.value", "%22436308%22");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.cookie.dbtest.value", "1385351357168");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.crossriderapp26766_dbWasSet", true);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.crossriderapp26766_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.description", "Discount Buddy");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.domain", "");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.enablesearch", false);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.homepage", "");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.iframe", false);
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%220%22%2C%22uzid%22%3A%220%22%7D");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_appVer.value", "19");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_lastVersion.value", "1");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_nextCheck.expiration", "Fri Apr 25 2014 23:39:35 GMT-0700 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylight Time)");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1350,baseCDN:\"discountbu-a.akamaihd.n[...]
Line Deleted : user_pref("extensions.crossriderapp26766.26766.lastDailyReport", "1398472772184");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.lastUpdate", "1398472765834");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.manifesturl", "");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.name", "Discount Buddy");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.newtab", "");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.opensearch", "");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.ex[...]
Line Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1.name", "base");
Line Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1.ver", 8);
Line Deleted : user_pref("extensions.enabledAddons", "FirefoxAddon%40similarWeb.com:2.0.9,%7Be968fc70-8f95-4ab9-9e79-304de2a71ee1%7D:0.7.3,quick_start%40gmail.com:3.2.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.[...]
Line Deleted : user_pref("extensions.hVB.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net[...]
Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v37.0.2062.124

[ File : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.v9.com/web/?type=dspp&ts=1409641957&from=ymb&uid=ST9500325AS_6VEMFQ6H&i=psd&t=348364af8&q={searchTerms}
Deleted [Startup_urls] : hxxp://www.v9.com/?type=hppp&ts=1399020713&from=ymb&uid=ST9500325AS_6VEMFQ6H&i=psd&t=341e19e9f
Deleted [Homepage] : hxxp://www.v9.com/?type=hppp&ts=1399020713&from=ymb&uid=ST9500325AS_6VEMFQ6H&i=psd&t=341e19e9f
Deleted [Extension] : dngmdijkhofmnefihbnhnpnkcgfpjflg
Deleted [Extension] : iloeaaibfcmdkmllibejfampkgpemaem
Deleted [Extension] : nemfjadlboooiffmcelkafilagddogim
Deleted [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [32548 octets] - [09/10/2014 10:03:11]
AdwCleaner[R1].txt - [32449 octets] - [09/10/2014 10:27:29]
AdwCleaner[S0].txt - [29094 octets] - [09/10/2014 10:33:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29155 octets] ##########

 

Report from Junkware Removal Tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Home Premium x64
Ran by Peggy on Thu 10/09/2014 at 10:43:21.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{52036B6B-B381-493B-A788-36309CB335E6}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Peggy\appdata\local\cre"

 

~~~ FireFox

Successfully deleted the following from C:\Users\Peggy\AppData\Roaming\mozilla\firefox\profiles\aixoh1tv.default\prefs.js

user_pref("browser.search.defaultenginename", "v9");
user_pref("browser.search.selectedEngine", "v9");
Emptied folder: C:\Users\Peggy\AppData\Roaming\mozilla\firefox\profiles\aixoh1tv.default\minidumps [16 files]

 

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Peggy\appdata\local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/09/2014 at 10:52:13.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Finally is the result from the ESET online scanner

I am not sure if I was doing this correctly but I had to stop the scan after it had scanned 749787 files,
there was a total scan time  of 05:05:47 and it was only 33% completed. It found a lot of information but my computer was getting hot so I had to stop it. If I need to run it again I will.

 

Report from ESET

 

C:\$RECYCLE.BIN\S-1-5-21-1740782002-2028424483-3509234485-1000\$R7OBZAO.exe a variant of Win32/SquareNet.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\CT3289663\plugins\TBVerifier.dll.vir Win32/Toolbar.Conduit.AC potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\hk64tbInte.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\hktbInte.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\InternetHelper3.1ToolbarHelper.exe.vir Win32/Toolbar.Conduit.V potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\ldrtbInte.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\prxtbInte.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\tbInte.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir a variant of Win32/Thinknice.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir Win64/Thinknice.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir a variant of Win32/Thinknice.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir a variant of Win32/ELEX.AR potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir Win32/Thinknice.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir Win64/Thinknice.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir Win32/Thinknice.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv64.dll.vir a variant of Win64/Thinknice.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir a variant of Win32/Thinknice.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3289663\UninstallerUI.exe.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir a variant of Win32/ELEX.AV potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.26.0.540_0\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.26.0.540_0\nativeMessaging\TBMessagingHost.exe.vir Win32/Toolbar.Conduit.AH potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Temp\CT3289663\chLogic.exe.vir a variant of Win32/Toolbar.Conduit.AJ potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Temp\CT3289663\CT3289663.xpi.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Temp\CT3289663\ctbe.exe.vir Win32/Toolbar.Conduit.AF potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Temp\CT3289663\ffLogic.exe.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Temp\CT3289663\ieLogic.exe.vir Win32/Conduit.SearchProtect.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Temp\CT3289663\spch.exe.vir Win32/Conduit.SearchProtect.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Temp\CT3289663\spff.exe.vir Win32/Conduit.SearchProtect.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Temp\CT3289663\statisticsStub.exe.vir Win32/Toolbar.Conduit potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Temp\CT3289663\stub.exe.vir Win32/Toolbar.Conduit.S potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Local\Temp\CT3289663\plugins\TBVerifier.dll.vir Win32/Toolbar.Conduit.AC potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\LocalLow\internethelper3.1\hk64tbInte.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\LocalLow\internethelper3.1\hktbInte.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\LocalLow\internethelper3.1\ldrtbInte.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\LocalLow\internethelper3.1\tbInte.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\aixoh1tv.default\Extensions\{07cbf788-1359-421b-a4e3-5a8d041b90a3}\Plugins\npFirefoxPlugin.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Peggy\AppData\Roaming\SupTab\SupTab.dll.vir a variant of Win32/Thinknice.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\hfpapi.dll.vir a variant of Win32/RiskWare.NetFilter.B application
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\installd.exe.vir a variant of Win32/Amonetize.BB potentially unwanted application
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\netupdsrv.exe.vir a variant of Win32/Amonetize.AZ potentially unwanted application
C:\ProgramData\InstallMate\{B3F22883-AE78-4FB5-AD5E-E65A68110A75}\Custom.dll Win32/InstalleRex.M potentially unwanted application
C:\ProgramData\kadefendersvctask\vxhost.exe a variant of Win32/SquareNet.D potentially unwanted application
C:\ProgramData\MediaDev\1398496685\mediadev.exe a variant of Win32/SquareNet.A potentially unwanted application
C:\ProgramData\UpdateTask\feedback.exe a variant of Win32/SquareNet.D potentially unwanted application
C:\ProgramData\UpdateTask\vmhost.exe Win32/SquareNet.D potentially unwanted application
C:\ProgramData\UpdateTask\vxhost.exe a variant of Win32/SquareNet.D potentially unwanted application
C:\TDSSKiller_Quarantine\09.10.2014_10.10.07\uds0000\svc0000\tsk0000.dta a variant of Win64/Riskware.NetFilter.C application
C:\TDSSKiller_Quarantine\09.10.2014_10.10.07\uds0001\svc0000\tsk0000.dta a variant of Win32/Amonetize.AZ potentially unwanted application
C:\Users\All Users\InstallMate\{B3F22883-AE78-4FB5-AD5E-E65A68110A75}\Custom.dll Win32/InstalleRex.M potentially unwanted application
C:\Users\All Users\kadefendersvctask\vxhost.exe a variant of Win32/SquareNet.D potentially unwanted application
C:\Users\All Users\MediaDev\1398496685\mediadev.exe a variant of Win32/SquareNet.A potentially unwanted application
C:\Users\All Users\UpdateTask\feedback.exe a variant of Win32/SquareNet.D potentially unwanted application
C:\Users\All Users\UpdateTask\vmhost.exe Win32/SquareNet.D potentially unwanted application
C:\Users\All Users\UpdateTask\vxhost.exe a variant of Win32/SquareNet.D potentially unwanted application
C:\Users\Peggy\AppData\Local\16475\Updater.exe a variant of Win32/Amonetize.BS potentially unwanted application
C:\Users\Peggy\AppData\Local\30438\a30496.exe a variant of Win32/Amonetize.BE potentially unwanted application
C:\Users\Peggy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FD8M9UV0\flv_installer (1).exe a variant of Win32/SquareNet.A potentially unwanted application
C:\Users\Peggy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FD8M9UV0\flv_installer.exe a variant of Win32/SquareNet.A potentially unwanted application
C:\Users\Peggy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HLXZTDZ1\c0dp6thugh0h2qvovv2a87fk6v436jonmjm8t5e68niv7doiigq0[1].htm HTML/Iframe.B.Gen virus
C:\Users\Peggy\AppData\Local\PlayFree Browser\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\PlayFree Browser\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\18be6784_.exe a variant of Win32/SProtector.H potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\2869.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\294823_.exe Win32/AdWare.MultiPlug.V application
C:\Users\Peggy\AppData\Local\Temp\2A5A.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\2ACA.tmp a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\5148.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\5A0A.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\73C2.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\749D.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\7BB5.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\8044.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\8961.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\9C6F.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\9D1C.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\A68.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\air2904.exe a variant of Win32/AirAdInstaller.A potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\airBBB0.exe a variant of Win32/SpeedingUpMyPC.F application
C:\Users\Peggy\AppData\Local\Temp\airE24F.exe Win32/Toolbar.Conduit.S potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\B603.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\B74A.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\C832.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\CB0E.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\DB3.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\dBSZqSN1.exe.part a variant of Win32/SoftPulse.B potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\drv15889.exe a variant of Win32/Amonetize.BR potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\F0BC.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\F484.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\nsa16ED.exe Win32/Conduit.SearchProtect.S potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\nsa5581.exe Win32/Conduit.SearchProtect.S potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\nsf1E5F.exe Win32/Conduit.SearchProtect.S potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\nsf5A24.exe Win32/Conduit.SearchProtect.S potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\nslA7E6.exe Win32/Conduit.SearchProtect.S potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\nslAF39.exe Win32/Conduit.SearchProtect.S potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\nsp8165.exe Win32/Conduit.SearchProtect.S potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\SPStub.exe Win32/Conduit.SearchProtect.J potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\v-bates.exe a variant of Win32/Toolbar.BitCocktail.B potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\fullpackage_temp1399018879\tmp\SupTab.exe a variant of Win32/ELEX.AV potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_10128_12136\nemfjadlboooiffmcelkafilagddogim.crx a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_10696_22336\5A0A.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_1148_24154\nemfjadlboooiffmcelkafilagddogim.crx a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_12356_31524\B74A.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_25172_6354\F484.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_27408_27633\B603.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_27408_27633\CRX_INSTALL\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_27408_27633\CRX_INSTALL\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_27408_27633\CRX_INSTALL\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_3688_31328\5148.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_3688_31328\CRX_INSTALL\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_3688_31328\CRX_INSTALL\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_3888_26839\nemfjadlboooiffmcelkafilagddogim.crx a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_3976_17835\DB3.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_4320_7050\8044.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_4388_21127\73C2.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_4388_21127\CRX_INSTALL\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_4388_21127\CRX_INSTALL\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_4388_21127\CRX_INSTALL\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_4700_27089\nemfjadlboooiffmcelkafilagddogim.crx a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_5428_31171\9D1C.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_5504_9741\2869.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_5964_21210\C832.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_5964_21210\CRX_INSTALL\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_5964_21210\CRX_INSTALL\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_5964_21210\CRX_INSTALL\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_6192_707\F0BC.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_7316_3268\9C6F.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_7736_17983\A68.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\scoped_dir_8516_3386\749D.tmp a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{1172D76A-1857-4D5B-8661-BCDEF1B4014B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{1172D76A-1857-4D5B-8661-BCDEF1B4014B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{1ED33E39-70F9-42E0-BC36-6BF4ED6091DC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{1ED33E39-70F9-42E0-BC36-6BF4ED6091DC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{1ED33E39-70F9-42E0-BC36-6BF4ED6091DC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{1ED33E39-70F9-42E0-BC36-6BF4ED6091DC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{1ED33E39-70F9-42E0-BC36-6BF4ED6091DC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{22CFD873-EFE2-44DB-8536-B7A40D96165E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{22CFD873-EFE2-44DB-8536-B7A40D96165E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{22CFD873-EFE2-44DB-8536-B7A40D96165E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{22CFD873-EFE2-44DB-8536-B7A40D96165E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{22CFD873-EFE2-44DB-8536-B7A40D96165E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{2341AC17-AE7B-428A-A3BC-A6AE3F296910}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{2341AC17-AE7B-428A-A3BC-A6AE3F296910}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{26929067-6BBE-4E29-A949-EF789C5964F7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{26929067-6BBE-4E29-A949-EF789C5964F7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{28E4612A-D401-44C5-AF9D-E163D62E4AE6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{28E4612A-D401-44C5-AF9D-E163D62E4AE6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{2C1F3AFB-C0AD-4156-B595-968C32AFE8AE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{2C1F3AFB-C0AD-4156-B595-968C32AFE8AE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{2ED8620C-AEF2-4B3C-BAC8-D46FDF765782}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{2ED8620C-AEF2-4B3C-BAC8-D46FDF765782}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{2F45003E-C920-4B3D-9700-6CF61550738A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{2F45003E-C920-4B3D-9700-6CF61550738A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3822FDA6-DE27-461B-9B2E-95F1509874F3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3822FDA6-DE27-461B-9B2E-95F1509874F3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{389D7753-76B5-48AC-95D3-E7CB81D21F45}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{389D7753-76B5-48AC-95D3-E7CB81D21F45}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{38A2B898-D8D4-4EFD-A996-3817BC0AA757}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{38A2B898-D8D4-4EFD-A996-3817BC0AA757}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{38A2B898-D8D4-4EFD-A996-3817BC0AA757}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{38A2B898-D8D4-4EFD-A996-3817BC0AA757}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{38A2B898-D8D4-4EFD-A996-3817BC0AA757}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3C402C9E-540F-4B03-B59D-54A3AD7415A3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3C402C9E-540F-4B03-B59D-54A3AD7415A3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3D7D50FF-467A-44A4-BD07-71A1DF82C5A9}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3D7D50FF-467A-44A4-BD07-71A1DF82C5A9}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3D7D50FF-467A-44A4-BD07-71A1DF82C5A9}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3D7D50FF-467A-44A4-BD07-71A1DF82C5A9}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3D7D50FF-467A-44A4-BD07-71A1DF82C5A9}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3EE649D2-E09E-472A-9D38-A9B3A1171126}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3EE649D2-E09E-472A-9D38-A9B3A1171126}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3F1AC3D8-4628-4A6B-B1EC-4A77BFFED544}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{3F1AC3D8-4628-4A6B-B1EC-4A77BFFED544}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{407B9651-476E-4D7F-BD95-751062131E57}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{407B9651-476E-4D7F-BD95-751062131E57}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{447B47C3-F42B-4FD8-B12E-FF854B86BCED}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{447B47C3-F42B-4FD8-B12E-FF854B86BCED}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{447B47C3-F42B-4FD8-B12E-FF854B86BCED}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{447B47C3-F42B-4FD8-B12E-FF854B86BCED}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{447B47C3-F42B-4FD8-B12E-FF854B86BCED}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{451C37DD-B80C-4A2F-9D2A-EFD623C41153}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{451C37DD-B80C-4A2F-9D2A-EFD623C41153}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{498276A1-D2A4-4103-8E39-5000664469AD}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{498276A1-D2A4-4103-8E39-5000664469AD}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{4B0D5293-7890-4536-8A9D-BC8F5F8A1080}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{4B0D5293-7890-4536-8A9D-BC8F5F8A1080}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{4FF6D7A5-8CE5-49E3-8204-2571BBD911B3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{4FF6D7A5-8CE5-49E3-8204-2571BBD911B3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{55BB834F-136D-4243-870A-9CA116175BDA}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{55BB834F-136D-4243-870A-9CA116175BDA}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5645BDCA-B8DB-493A-AF23-F61500818D2C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5645BDCA-B8DB-493A-AF23-F61500818D2C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5645BDCA-B8DB-493A-AF23-F61500818D2C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5645BDCA-B8DB-493A-AF23-F61500818D2C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5645BDCA-B8DB-493A-AF23-F61500818D2C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5733154D-CAF6-49D1-83BE-D286F05EDB03}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5733154D-CAF6-49D1-83BE-D286F05EDB03}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5756D6E4-818D-4E8E-8F3D-014666ED859E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5756D6E4-818D-4E8E-8F3D-014666ED859E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5756D6E4-818D-4E8E-8F3D-014666ED859E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5756D6E4-818D-4E8E-8F3D-014666ED859E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5756D6E4-818D-4E8E-8F3D-014666ED859E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{57D3D738-824F-4444-8149-923A93767763}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{57D3D738-824F-4444-8149-923A93767763}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5B61E4A6-C5DC-40B9-9BD3-6705449CF13D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5B61E4A6-C5DC-40B9-9BD3-6705449CF13D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5B61E4A6-C5DC-40B9-9BD3-6705449CF13D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5B61E4A6-C5DC-40B9-9BD3-6705449CF13D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5B61E4A6-C5DC-40B9-9BD3-6705449CF13D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5BD92171-E2A2-4A7E-966C-2193C9806513}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5BD92171-E2A2-4A7E-966C-2193C9806513}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5BFF7C77-D506-4683-9C77-31123F5085BF}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5BFF7C77-D506-4683-9C77-31123F5085BF}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5CD387F5-4563-481C-8C3E-14ACCEEC9D58}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{5CD387F5-4563-481C-8C3E-14ACCEEC9D58}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{628A3C74-FD36-42E1-8058-7F15171533B3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{628A3C74-FD36-42E1-8058-7F15171533B3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{654A1545-28E8-45D8-9ACD-C52518AB1F32}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{654A1545-28E8-45D8-9ACD-C52518AB1F32}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6573CD1C-533E-41E3-AF60-A9A5FBDB227A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6573CD1C-533E-41E3-AF60-A9A5FBDB227A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{66099F9B-5CAA-46A7-B661-2999974A3D9B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{66099F9B-5CAA-46A7-B661-2999974A3D9B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{66647C97-63A3-49E1-985C-B05042D47F43}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{66647C97-63A3-49E1-985C-B05042D47F43}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{67E9D3CE-CAB6-4404-B907-FBFA91B59A0B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{67E9D3CE-CAB6-4404-B907-FBFA91B59A0B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{67E9D3CE-CAB6-4404-B907-FBFA91B59A0B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{67E9D3CE-CAB6-4404-B907-FBFA91B59A0B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{67E9D3CE-CAB6-4404-B907-FBFA91B59A0B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6817FC36-22D1-471C-B0BF-94DDDE80B499}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6817FC36-22D1-471C-B0BF-94DDDE80B499}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{699C54C5-4C66-4612-B383-90ADFA99BEF6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{699C54C5-4C66-4612-B383-90ADFA99BEF6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{69DA8651-1F04-4F88-B5A4-3107F8E5BBE0}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{69DA8651-1F04-4F88-B5A4-3107F8E5BBE0}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{69EAFA97-90EF-4E87-BDAC-9B10BB5CEF29}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{69EAFA97-90EF-4E87-BDAC-9B10BB5CEF29}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6AC9A135-CC91-4BD9-A624-22374D0D30BC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6AC9A135-CC91-4BD9-A624-22374D0D30BC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6AC9A135-CC91-4BD9-A624-22374D0D30BC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6AC9A135-CC91-4BD9-A624-22374D0D30BC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6AC9A135-CC91-4BD9-A624-22374D0D30BC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6BEF503E-11F6-440B-9449-4EA23DB91ED6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6BEF503E-11F6-440B-9449-4EA23DB91ED6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6BEF503E-11F6-440B-9449-4EA23DB91ED6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6BEF503E-11F6-440B-9449-4EA23DB91ED6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6BEF503E-11F6-440B-9449-4EA23DB91ED6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6F2D6163-99FB-4D9B-BE9D-922D7D983A2F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{6F2D6163-99FB-4D9B-BE9D-922D7D983A2F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{702A14D1-CA2A-48CE-98B7-C3DE71E0C783}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{702A14D1-CA2A-48CE-98B7-C3DE71E0C783}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{7085B580-4F95-4D08-9899-7FD1FEA25962}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{7085B580-4F95-4D08-9899-7FD1FEA25962}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{7441C2A1-68A4-4281-BB09-1067EF8A7AB2}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{7441C2A1-68A4-4281-BB09-1067EF8A7AB2}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{755F5DAD-EC74-4A25-B499-AB8ED7921467}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{755F5DAD-EC74-4A25-B499-AB8ED7921467}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{771CCAC8-038B-4EC8-8DFE-D493BF8A28CE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{771CCAC8-038B-4EC8-8DFE-D493BF8A28CE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{77F232C5-7678-4BCF-B9E6-456C25AE8594}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{77F232C5-7678-4BCF-B9E6-456C25AE8594}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{77F232C5-7678-4BCF-B9E6-456C25AE8594}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{77F232C5-7678-4BCF-B9E6-456C25AE8594}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{77F232C5-7678-4BCF-B9E6-456C25AE8594}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{79C7FF49-A001-41EF-BF16-8A5932EF1D35}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{79C7FF49-A001-41EF-BF16-8A5932EF1D35}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{7CC420D5-DCB4-4948-9894-F601C5BB9CB0}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{7CC420D5-DCB4-4948-9894-F601C5BB9CB0}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{81CA17D4-41AC-4DA8-8067-347011DA8D93}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{81CA17D4-41AC-4DA8-8067-347011DA8D93}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{81CA17D4-41AC-4DA8-8067-347011DA8D93}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{81CA17D4-41AC-4DA8-8067-347011DA8D93}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{81CA17D4-41AC-4DA8-8067-347011DA8D93}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{822A60FD-0912-4806-941D-18E94529234D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{822A60FD-0912-4806-941D-18E94529234D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{83B09EB2-8A30-4F0A-A73E-C0BC54EA1FC4}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{83B09EB2-8A30-4F0A-A73E-C0BC54EA1FC4}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{83B09EB2-8A30-4F0A-A73E-C0BC54EA1FC4}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{83B09EB2-8A30-4F0A-A73E-C0BC54EA1FC4}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{83B09EB2-8A30-4F0A-A73E-C0BC54EA1FC4}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8764F517-E550-4A6F-A38B-80F289297543}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8764F517-E550-4A6F-A38B-80F289297543}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{880762DB-D3B1-4BED-8D51-C33027235D38}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{880762DB-D3B1-4BED-8D51-C33027235D38}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{880762DB-D3B1-4BED-8D51-C33027235D38}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{880762DB-D3B1-4BED-8D51-C33027235D38}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{880762DB-D3B1-4BED-8D51-C33027235D38}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8955B675-88C2-48B1-A68A-920901D03724}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8955B675-88C2-48B1-A68A-920901D03724}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8A8A6BDB-F936-4689-BF1E-BF3B67E857AC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8A8A6BDB-F936-4689-BF1E-BF3B67E857AC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8B3072F4-4245-4EFE-B914-A4CAEC0AA18E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8B3072F4-4245-4EFE-B914-A4CAEC0AA18E}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8CE3E923-1A55-4955-AA1C-C442365B5978}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8CE3E923-1A55-4955-AA1C-C442365B5978}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8EA6C97B-0F2A-4804-873B-DC3F79F43873}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{8EA6C97B-0F2A-4804-873B-DC3F79F43873}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9175F75E-A059-4A7E-AD58-5B27A0A1B098}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9175F75E-A059-4A7E-AD58-5B27A0A1B098}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{91A51B1B-ADA8-47BE-9752-24D3D9183AB0}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{91A51B1B-ADA8-47BE-9752-24D3D9183AB0}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{92F5322F-64FB-42CF-A945-AA3DC2B159D2}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{92F5322F-64FB-42CF-A945-AA3DC2B159D2}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{92F5322F-64FB-42CF-A945-AA3DC2B159D2}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{92F5322F-64FB-42CF-A945-AA3DC2B159D2}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{92F5322F-64FB-42CF-A945-AA3DC2B159D2}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{95176520-7CAE-4AB5-9828-2CDF1256CA5F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{95176520-7CAE-4AB5-9828-2CDF1256CA5F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{960C0D3C-8D18-41B4-AA7B-9B3BEEFE5BFA}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{960C0D3C-8D18-41B4-AA7B-9B3BEEFE5BFA}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{962B9CDE-E8C6-4A59-9ED6-647559C3FFD7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{962B9CDE-E8C6-4A59-9ED6-647559C3FFD7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{962B9CDE-E8C6-4A59-9ED6-647559C3FFD7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{962B9CDE-E8C6-4A59-9ED6-647559C3FFD7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{962B9CDE-E8C6-4A59-9ED6-647559C3FFD7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9A712C86-FF5E-45E1-9DEA-D712F1E0D75A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9A712C86-FF5E-45E1-9DEA-D712F1E0D75A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9A712C86-FF5E-45E1-9DEA-D712F1E0D75A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9A712C86-FF5E-45E1-9DEA-D712F1E0D75A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9A712C86-FF5E-45E1-9DEA-D712F1E0D75A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9F927FEC-B0ED-417E-A5EA-C405F139081B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9F927FEC-B0ED-417E-A5EA-C405F139081B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9F927FEC-B0ED-417E-A5EA-C405F139081B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9F927FEC-B0ED-417E-A5EA-C405F139081B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{9F927FEC-B0ED-417E-A5EA-C405F139081B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{A0C7F322-CD2F-44D0-AD2C-7DC5CCF9BA8C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{A0C7F322-CD2F-44D0-AD2C-7DC5CCF9BA8C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{A0C7F322-CD2F-44D0-AD2C-7DC5CCF9BA8C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{A0C7F322-CD2F-44D0-AD2C-7DC5CCF9BA8C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{A0C7F322-CD2F-44D0-AD2C-7DC5CCF9BA8C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{A57EF37B-00C2-4DD6-9926-A802C081068B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{A57EF37B-00C2-4DD6-9926-A802C081068B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{A9002222-19DF-4891-A9D5-0E1F00E1681B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{A9002222-19DF-4891-A9D5-0E1F00E1681B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{ABAAC0FD-46B8-4771-AA68-4EB65A2986E9}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{ABAAC0FD-46B8-4771-AA68-4EB65A2986E9}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{AC0E9C74-FF33-4ADA-9EE3-617A0206E51B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{AC0E9C74-FF33-4ADA-9EE3-617A0206E51B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{AC967FE0-175E-44F2-AFF5-8DEE2D85108D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{AC967FE0-175E-44F2-AFF5-8DEE2D85108D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B1CE3722-EECC-4367-A5C1-0CDFE54EFCEB}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B1CE3722-EECC-4367-A5C1-0CDFE54EFCEB}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B4736BE7-CB91-4A4F-809D-0FEBBBC79560}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B4736BE7-CB91-4A4F-809D-0FEBBBC79560}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B508D504-1794-4EF2-9714-A18D23346A51}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B508D504-1794-4EF2-9714-A18D23346A51}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B5BD8096-0437-461E-8C62-4342303442ED}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B5BD8096-0437-461E-8C62-4342303442ED}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B732CFD0-EE9B-40B6-AC98-3E329B23E71D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B732CFD0-EE9B-40B6-AC98-3E329B23E71D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B732CFD0-EE9B-40B6-AC98-3E329B23E71D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B732CFD0-EE9B-40B6-AC98-3E329B23E71D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{B732CFD0-EE9B-40B6-AC98-3E329B23E71D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{BB144FD2-BB45-4A21-BA41-566E91E07C22}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{BB144FD2-BB45-4A21-BA41-566E91E07C22}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{BE7A8A71-8CEC-46B2-8E53-FE3F678FCC2A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{BE7A8A71-8CEC-46B2-8E53-FE3F678FCC2A}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{BF22D723-D109-4105-8CD4-8A55C9D92E3C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{BF22D723-D109-4105-8CD4-8A55C9D92E3C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{C7DF491D-FA4C-4E9F-8567-6F418A4283DB}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{C7DF491D-FA4C-4E9F-8567-6F418A4283DB}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{C7DF491D-FA4C-4E9F-8567-6F418A4283DB}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{C7DF491D-FA4C-4E9F-8567-6F418A4283DB}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{C7DF491D-FA4C-4E9F-8567-6F418A4283DB}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CAFE801B-7892-40F4-8558-DAFDE374538D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CAFE801B-7892-40F4-8558-DAFDE374538D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CB7A8288-D924-499D-B119-A9D578CB05CE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CB7A8288-D924-499D-B119-A9D578CB05CE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CCF775B9-E0F4-491D-9671-3DFFC450C88C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CCF775B9-E0F4-491D-9671-3DFFC450C88C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CD28CC02-3E21-4BD3-8F66-2BE893AFFACA}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CD28CC02-3E21-4BD3-8F66-2BE893AFFACA}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CD4B4C73-1E6A-4FF8-92C5-6EE21500F107}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CD4B4C73-1E6A-4FF8-92C5-6EE21500F107}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CD631C18-46A6-49B4-8464-C559E2DDC4E3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CD631C18-46A6-49B4-8464-C559E2DDC4E3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CE89CD9A-914A-43F8-B901-28EB2A3F7969}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{CE89CD9A-914A-43F8-B901-28EB2A3F7969}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D3B376AE-17BD-445E-B1AD-C40C4DB50E42}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D3B376AE-17BD-445E-B1AD-C40C4DB50E42}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D46E97C5-4EB0-4952-8C38-FEC615AD2377}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D46E97C5-4EB0-4952-8C38-FEC615AD2377}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D6684DE7-4612-4F24-B381-69942A95AE8C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D6684DE7-4612-4F24-B381-69942A95AE8C}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D75F178B-FAD4-4ED6-8134-D5D9B29A34E0}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D75F178B-FAD4-4ED6-8134-D5D9B29A34E0}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D7B8391E-1744-406E-92BA-6FF568F5E025}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D7B8391E-1744-406E-92BA-6FF568F5E025}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D80569E2-8977-4E00-8FD3-6E55DABA6045}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D80569E2-8977-4E00-8FD3-6E55DABA6045}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D92180DB-4113-44EC-84F6-FDA53B9ED4F7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{D92180DB-4113-44EC-84F6-FDA53B9ED4F7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DA2FAAF5-EBB4-48A0-81CD-ABFEE1AC22E7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DA2FAAF5-EBB4-48A0-81CD-ABFEE1AC22E7}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DB50FEF8-3223-4173-9F9C-A36FD7549A14}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DB50FEF8-3223-4173-9F9C-A36FD7549A14}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DBB597F1-A765-4580-A14F-D22993B4164F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DBB597F1-A765-4580-A14F-D22993B4164F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DDC434CA-5BB1-47D1-9864-3A000F9FAE46}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DDC434CA-5BB1-47D1-9864-3A000F9FAE46}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DDEA4879-4E81-41A7-87B5-8B7C28AA7F2F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DDEA4879-4E81-41A7-87B5-8B7C28AA7F2F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DE6F77BE-CDC8-4C81-A25A-07013C4527CD}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DE6F77BE-CDC8-4C81-A25A-07013C4527CD}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DEBF9F3F-FFCB-4D43-B5CE-73E6E683EE96}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{DEBF9F3F-FFCB-4D43-B5CE-73E6E683EE96}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E1CFE0AA-3DB3-436D-8326-B01FC3006BD8}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E1CFE0AA-3DB3-436D-8326-B01FC3006BD8}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E30BB794-7D4F-4E16-ADC1-A66E305FF4A6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E30BB794-7D4F-4E16-ADC1-A66E305FF4A6}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E3C81666-C402-4AF3-952F-7ED629F99921}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E3C81666-C402-4AF3-952F-7ED629F99921}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E3C81666-C402-4AF3-952F-7ED629F99921}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E3C81666-C402-4AF3-952F-7ED629F99921}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E3C81666-C402-4AF3-952F-7ED629F99921}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E46CF5AA-77F2-4FB0-BE76-C77841473401}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E46CF5AA-77F2-4FB0-BE76-C77841473401}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E4B20F40-8586-4DEE-B714-8DE9636DBC6D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E4B20F40-8586-4DEE-B714-8DE9636DBC6D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E4B20F40-8586-4DEE-B714-8DE9636DBC6D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E4B20F40-8586-4DEE-B714-8DE9636DBC6D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E4B20F40-8586-4DEE-B714-8DE9636DBC6D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E507AC96-78A2-4AB0-8017-35BE357660DD}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E507AC96-78A2-4AB0-8017-35BE357660DD}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E66FEC06-1A1A-404C-9709-A0BAD7AD0103}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E66FEC06-1A1A-404C-9709-A0BAD7AD0103}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E75FEFFB-F229-41D3-8DCF-5D8A16D8546F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E75FEFFB-F229-41D3-8DCF-5D8A16D8546F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E75FEFFB-F229-41D3-8DCF-5D8A16D8546F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E75FEFFB-F229-41D3-8DCF-5D8A16D8546F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E75FEFFB-F229-41D3-8DCF-5D8A16D8546F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E85B7892-348F-495F-807C-657D25A413AE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E85B7892-348F-495F-807C-657D25A413AE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E85B7892-348F-495F-807C-657D25A413AE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E85B7892-348F-495F-807C-657D25A413AE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{E85B7892-348F-495F-807C-657D25A413AE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EA2B1B83-50FD-4119-9C31-E4A2EE7134B1}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EA2B1B83-50FD-4119-9C31-E4A2EE7134B1}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EC4273AD-E118-4BCC-B9A7-E690BC0A5A09}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EC4273AD-E118-4BCC-B9A7-E690BC0A5A09}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EE16D4DC-755C-49AE-9B50-8A5B236CAE5F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EE16D4DC-755C-49AE-9B50-8A5B236CAE5F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EE16D4DC-755C-49AE-9B50-8A5B236CAE5F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EE16D4DC-755C-49AE-9B50-8A5B236CAE5F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EE16D4DC-755C-49AE-9B50-8A5B236CAE5F}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EEE9F8EC-75A5-42E7-A254-D044DB9858E3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EEE9F8EC-75A5-42E7-A254-D044DB9858E3}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EFC22F31-2FA6-47A4-91C3-F8D181E228E8}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{EFC22F31-2FA6-47A4-91C3-F8D181E228E8}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F149C42A-7A47-4EFB-8D13-F410E50E8C2B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F149C42A-7A47-4EFB-8D13-F410E50E8C2B}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F1DC6DF2-9FE1-450D-AF8F-BFB8EBDF1D14}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F1DC6DF2-9FE1-450D-AF8F-BFB8EBDF1D14}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F3863C90-2028-4867-89C9-2BB12255AFBC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F3863C90-2028-4867-89C9-2BB12255AFBC}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F422A690-6918-44CD-A323-0524C4A80AE1}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F422A690-6918-44CD-A323-0524C4A80AE1}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F422A690-6918-44CD-A323-0524C4A80AE1}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F422A690-6918-44CD-A323-0524C4A80AE1}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F422A690-6918-44CD-A323-0524C4A80AE1}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F73D859E-6459-44F1-B1D8-1C8157645D8D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F73D859E-6459-44F1-B1D8-1C8157645D8D}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F8CDA509-7DD4-44F4-BB0B-19E1F430A386}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{F8CDA509-7DD4-44F4-BB0B-19E1F430A386}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FAD2D4F2-987A-44D8-A901-55F7BD35A5AF}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FAD2D4F2-987A-44D8-A901-55F7BD35A5AF}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FB6E0621-B829-49F3-9107-D981A3182EAA}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FB6E0621-B829-49F3-9107-D981A3182EAA}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FC0EF291-A51F-4A15-AEC8-226997E57DD4}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FC0EF291-A51F-4A15-AEC8-226997E57DD4}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FC0EF291-A51F-4A15-AEC8-226997E57DD4}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\APISupport\APISupport.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FC0EF291-A51F-4A15-AEC8-226997E57DD4}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FC0EF291-A51F-4A15-AEC8-226997E57DD4}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.4.510_0\plugins\ChromeApiPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FCD49AD5-4ABB-4D3A-8438-4BAC5E766BDE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FCD49AD5-4ABB-4D3A-8438-4BAC5E766BDE}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FD82EE15-56D5-4C2F-AEF1-1183E7B2F9CD}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FD82EE15-56D5-4C2F-AEF1-1183E7B2F9CD}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FD8BB515-1B62-4372-BB60-D37339BD2EC9}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Peggy\AppData\Local\Temp\{D3128BAA-550C-4CFB-A01D-93B0B0E18098}\{FD8BB515-1B62-4372-BB60-D37339BD2EC9}\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.19.2.5_0\plugins\TBVerifier.dll Win32/Toolbar.Conduit.AC potentially unwanted application
C:\Users\Peggy\AppData\Roaming\UpdateServ\ClickAndMark_2040-5250.exe multiple threats
C:\Users\Peggy\AppData\Roaming\UpdateServ\Cloud_Backup.exe MSIL/MyPCBackup.B potentially unwanted application
C:\Users\Peggy\AppData\Roaming\UpdateServ\CostMin.exe a variant of Win32/TrojanDownloader.Agent.ALF trojan
C:\Users\Peggy\AppData\Roaming\UpdateServ\FralimboSetup.exe Win32/BrowseFox.C potentially unwanted application
C:\Users\Peggy\AppData\Roaming\UpdateServ\installer.exe a variant of Win32/Toolbar.Linkury.E potentially unwanted application
C:\Users\Peggy\AppData\Roaming\UpdateServ\isharp_installer.exe Win32/AdWare.SmartPCFix.B application
C:\Users\Peggy\AppData\Roaming\UpdateServ\ISTCleaner.exe Win32/AdWare.SmartPCFix.B application
C:\Users\Peggy\AppData\Roaming\UpdateServ\key-find.exe a variant of Win32/ELEX.AF potentially unwanted application
C:\Users\Peggy\AppData\Roaming\UpdateServ\Launcher.exe a variant of Win32/Amonetize.AG potentially unwanted application
C:\Users\Peggy\AppData\Roaming\UpdateServ\SafeWeb.exe a variant of Win32/InstalleRex.P potentially unwanted application
C:\Users\Peggy\AppData\Roaming\UpdateServ\Setup_1017.exe Win32/AdWare.HighliteApp.A application
C:\Users\Peggy\AppData\Roaming\UpdateServ\setup_fst_us.exe multiple threats
C:\Users\Peggy\AppData\Roaming\UpdateServ\UpdaterService.exe a variant of Win32/SquareNet.A potentially unwanted application
C:\Users\Peggy\AppData\Roaming\UpdateServ\VoPackage.exe Win32/VOPackage.F potentially unwanted application
C:\Users\Peggy\Desktop\ccsetup320.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
C:\Users\Peggy\Desktop\FoxitReader605.0618_enu_Setup.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Peggy\Documents\Flash Player 12.exe a variant of Win32/AirAdInstaller.A potentially unwanted application
C:\Users\Peggy\Downloads\Adobe_Flash_IE_Setup.exe Win32/InstallCore.MM potentially unwanted application
C:\Users\Peggy\Downloads\Coming of Age in Mississippi pdf.exe a variant of Win32/AdWare.MultiPlug.CB application
C:\Users\Peggy\Downloads\downloadactivation_com%2fthanks%3fsource%3dpropeller_lightspark-us%26subid1%3d36478%26userid%3d15ad3a66- a variant of Win32/AdWare.iBryte.BG application
C:\Users\Peggy\Downloads\give me liberty foner pdf__3516_i1341182239_il1832916.exe a variant of Win32/Amonetize.BR potentially unwanted application
C:\Users\Peggy\Downloads\installicon_png&product_image=http a variant of Win32/AirAdInstaller.A potentially unwanted application
C:\Users\Peggy\Downloads\Molly's Chambers-Kings Of Leon_mp3 a variant of Win32/AdWare.MultiPlug.CN application
C:\Users\Peggy\Downloads\winzip18-home_exe a variant of Win32/InstallCore.QC potentially unwanted application
C:\Windows\System32\hfnapi.dll a variant of Win32/RiskWare.NetFilter.B application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[1].exe a variant of Win32/Amonetize.BR potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[2].exe a variant of Win32/Amonetize.BR potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[3].exe a variant of Win32/Amonetize.BS potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[4].exe a variant of Win32/Amonetize.BS potentially unwanted application
C:\Windows\SysWOW64\hfnapi.dll a variant of Win32/RiskWare.NetFilter.B application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[1].exe a variant of Win32/Amonetize.BR potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[2].exe a variant of Win32/Amonetize.BR potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[3].exe a variant of Win32/Amonetize.BS potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[4].exe a variant of Win32/Amonetize.BS potentially unwanted application
C:\Windows\temp\1bb5370d-4a45-4a96-534b-6ce9f07e7b44.exe a variant of Win32/Amonetize.BR potentially unwanted application
C:\Windows\temp\af440eca-b283-436e-6cbf-b1108d2e1302.exe a variant of Win32/Amonetize.BR potentially unwanted application
C:\Windows\temp\b1f7a2d0-c66b-4c59-6e9e-cb765a595c1d.exe a variant of Win32/Amonetize.BS potentially unwanted application
C:\Windows\temp\f33193c6-f8ac-4715-1912-38b69ddf21f9.exe a variant of Win32/Amonetize.BS potentially unwanted application
C:\Windows\temp\Updater.exe a variant of Win32/Amonetize.BS potentially unwanted application

In addition, there is a pop-up that keeps showing up which says

 

Cannot continue. The application is improperly formatted. Contact the application vendor for assistance.

 

Thanks,

Peggy

 



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:29 AM

Posted 09 October 2014 - 08:09 PM

OK,  Restart the machine and we do these next. This machine was very infected.
 
Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
Download 51a46ae42d560-malwarebytes_anti_malware.MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Copy/Paste the log file you just saved to your next reply for further review.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 psiegel

psiegel
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:03:29 AM

Posted 10 October 2014 - 04:20 AM

Hello,

Here is the log file from the mbam scan

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/10/2014
Scan Time: 1:40:48 AM
Logfile: mbam log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.10.03
Rootkit Database: v2014.10.08.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Peggy

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 373957
Time Elapsed: 21 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 3
PUP.Optional.UpdateService.A, C:\ProgramData\MediaDev\1398496685\mediadev.exe, 1892, Delete-on-Reboot, [a56672a1cdafd06654c2c0b89e63f60a]
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\UpdaterService.exe, 2532, Delete-on-Reboot, [24e7d73c2d4f2214e72f10681ae732ce]
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\I~..C~..Runner.exe, 4404, Delete-on-Reboot, [3fcc0211017b0630a110a4692cd9ff01]

Modules: 9
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\msvcp110.dll, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\msvcr110.dll, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\CmdProc.dll, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\CmnUtls.dll, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\ManXec.dll, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\PrfIns.dll, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\WblSupp.dll, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\WbSes.dll, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\WdcMan.dll, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],

Registry Keys: 9
PUP.Optional.UpdateService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MediaDevSrv, Quarantined, [a56672a1cdafd06654c2c0b89e63f60a],
PUP.Optional.UpdateService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinDevSvc, Quarantined, [24e7d73c2d4f2214e72f10681ae732ce],
PUP.Optional.TopArcadeHits.A, HKU\S-1-5-21-1740782002-2028424483-3509234485-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CF190686-9E72-403C-B99D-682ABDB63C5B}, Quarantined, [99726ba8a9d344f2e48ee6ec0df5e719],
PUP.Optional.TopArcadeHits.A, HKU\S-1-5-21-1740782002-2028424483-3509234485-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CF190686-9E72-403C-B99D-682ABDB63C5B}, Quarantined, [99726ba8a9d344f2e48ee6ec0df5e719],
PUP.Optional.IdleCrawler.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r, Quarantined, [66a5a66da0dc9e981432bf8cde271be5],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-1740782002-2028424483-3509234485-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TidyNetwork, Quarantined, [8e7d6ba84b31c86e6c3d86bb5ea5ec14],
PUP.Optional.UpdateServer.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCBE70E6-FF43-4B37-A879-80CF2F0D2E35}, Quarantined, [4ebda46ffb811f171012ec148a799070],
PUP.Optional.UpdateServer.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCBE70E6-FF43-4B37-A879-80CF2F0D2E35}, Quarantined, [4ebda46ffb811f171012ec148a799070],
PUP.Optional.UpdateServer.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\kadefender, Quarantined, [4ebda46ffb811f171012ec148a799070],

Registry Values: 2
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_us_51, Quarantined, [cc3f63b0d3a939fdec4891a5eb18b947],
PUP.Optional.QuickStart.A, HKU\S-1-5-21-1740782002-2028424483-3509234485-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, Quarantined, [30db55beb0cc90a6f2ec240323e037c9]

Registry Data: 2
PUP.Optional.V9.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://search.v9.com/web/?type=ds&ts=1399018951&from=ymb&uid=ST9500325AS_6VEMFQ6H&i=psd&t=341e159cc&q={searchTerms}, Good: (www.google.com), Bad: (http://search.v9.com/web/?type=ds&ts=1399018951&from=ymb&uid=ST9500325AS_6VEMFQ6H&i=psd&t=341e159cc&q={searchTerms}),Replaced,[fb101cf7ff7d6ec8b3c0808f49bc44bc]
PUP.Optional.V9.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://search.v9.com/web/?type=ds&ts=1399018951&from=ymb&uid=ST9500325AS_6VEMFQ6H&i=psd&t=341e159cc&q={searchTerms}, Good: (www.google.com), Bad: (http://search.v9.com/web/?type=ds&ts=1399018951&from=ymb&uid=ST9500325AS_6VEMFQ6H&i=psd&t=341e159cc&q={searchTerms}),Replaced,[1eed3cd7007cbc7aafc53fd0b451d52b]

Folders: 14
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, Quarantined, [57b470a30f6d2d09cb973de511f2ce32],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ, Delete-on-Reboot, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateServer.A, C:\ProgramData\UpdateServer\1412877244, Quarantined, [4ebda46ffb811f171012ec148a799070],
PUP.Optional.MediaDev.A, C:\ProgramData\MediaDev\1398496685, Delete-on-Reboot, [7794749f0e6eac8afa2a06fa7390936d],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nmaikkamgfhkjbadgihldfmkpngkhgbb, Quarantined, [5dae2de6b5c746f04098e924a85bc33d],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_nmaikkamgfhkjbadgihldfmkpngkhgbb_0, Quarantined, [ba51f122d8a4af87f4e53cd15da60cf4],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\Dictionaries, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\extensions, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\PepperFlash, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Data, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules, Quarantined, [9576779cf38988ae3e83759a1ae9e719],

Files: 185
PUP.Optional.UpdateService.A, C:\ProgramData\MediaDev\1398496685\mediadev.exe, Delete-on-Reboot, [a56672a1cdafd06654c2c0b89e63f60a],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\UpdaterService.exe, Delete-on-Reboot, [24e7d73c2d4f2214e72f10681ae732ce],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\I~..C~..Runner.exe, Quarantined, [3fcc0211017b0630a110a4692cd9ff01],
PUP.Optional.SquareNet, C:\ProgramData\kadefendersvctask\vxhost.exe, Quarantined, [0803fc17bbc169cd73474e73f40d08f8],
PUP.Optional.SquareNet, C:\ProgramData\UpdateTask\vmhost.exe, Quarantined, [0b001ef5cab27db9e1e5dfd44ab7827e],
PUP.Optional.SquareNet, C:\ProgramData\UpdateTask\vxhost.exe, Quarantined, [2cdf9380502c8aacd1e94d7421e042be],
PUP.Optional.AddLyrics, C:\Users\Peggy\AppData\Roaming\UpdateServ\ClickAndMark_2040-5250.exe, Quarantined, [e724e82b6f0dc4720c7bd7b2d52c4db3],
Trojan.Sctmp, C:\Users\Peggy\AppData\Roaming\UpdateServ\CostMin.exe, Quarantined, [5caf7e957903280ea8d61b695da4af51],
PUP.Optional.Fralimbo.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\FralimboSetup.exe, Quarantined, [22e9769d4f2d14228fa2e11136cee21e],
PUP.Optional.SkyTech.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\key-find.exe, Quarantined, [63a846cd1f5d53e38e0a2b3e778a0cf4],
PUP.Optional.Amonetize, C:\Users\Peggy\AppData\Roaming\UpdateServ\Launcher.exe, Quarantined, [f813b261e99360d6fc1244f17b856c94],
PUP.Optional.InstalleRex, C:\Users\Peggy\AppData\Roaming\UpdateServ\SafeWeb.exe, Quarantined, [a8635eb52d4f46f0a1d733560ff212ee],
PUP.Optional.HighliteApp.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\Setup_1017.exe, Quarantined, [15f6868d0f6d15212623f595738e28d8],
Adware.EoRezo, C:\Users\Peggy\AppData\Roaming\UpdateServ\setup_fst_us.exe, Quarantined, [20ebc64d4c3054e26e7f2163cd34cf31],
PUP.Optional.TidyNetwork.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\TidyNetwork.exe, Quarantined, [23e81ff48fed71c5e75603969b66c63a],
PUP.Optional.VBates.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\v-bates.exe, Quarantined, [53b84fc44438bb7bdd56787a0cf810f0],
PUP.Optional.NetFilter, C:\Windows\SysWOW64\hfnapi.dll, Quarantined, [9675a56e88f4e74f48dca11d629f9a66],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Temp\nsa16ED.exe, Quarantined, [d23923f03e3e95a18837af82a45df40c],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Temp\nsa5581.exe, Quarantined, [16f51ef5e696e74f338cb67bf50ccb35],
PUP.Optional.VBates.A, C:\Users\Peggy\AppData\Local\Temp\v-bates.exe, Quarantined, [0efda96afa824cea5c5e0b3a03fd8977],
PUP.Optional.Amonetize, C:\Users\Peggy\AppData\Local\Temp\drv15889.exe, Quarantined, [d23946cde696d85ebfc3ccfabf4240c0],
PUP.Optional.AirInstaller, C:\Users\Peggy\AppData\Local\Temp\air2904.exe, Quarantined, [ef1c18fb512b6cca1d790e1138c9b44c],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Temp\airE24F.exe, Quarantined, [cd3ec053a8d457df8528d965f50b9f61],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Temp\nsf1E5F.exe, Quarantined, [1eed47cce399c86e3d82eb46d22f41bf],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Temp\nsf5A24.exe, Quarantined, [36d5858e2b51e452e7d876bb6b96e41c],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Temp\nslA7E6.exe, Quarantined, [f01b29ea1f5d67cfd9e6a19034cd54ac],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Temp\nslAF39.exe, Quarantined, [e52665ae81fb3cfa3e8136fbc43dcc34],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Temp\nsp8165.exe, Quarantined, [4cbf0b085e1e88ae6b54121ff60b17e9],
PUP.Optional.DomaIQ, C:\Users\Peggy\AppData\Local\Temp\dBSZqSN1.exe.part, Quarantined, [7695c74c0b71cd692ef3dfdb36cbf709],
Trojan.SProtector, C:\Users\Peggy\AppData\Local\Temp\18be6784_.exe, Quarantined, [a66555be4c3030063c645013e31e0af6],
PUP.Optional.MultiPlug, C:\Users\Peggy\AppData\Local\Temp\294823_.exe, Quarantined, [cf3c6da6512b47ef809a09ab29d80ef2],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Temp\SPStub.exe, Quarantined, [aa61cb486f0dea4cc03b5bd4a25ff50b],
PUP.Optional.SkyTech.A, C:\Users\Peggy\AppData\Local\Temp\fullpackage_temp1399018879\alilog.dll, Quarantined, [3bd09f74413bde586be31f13f50b0ef2],
PUP.Optional.V9.A, C:\Users\Peggy\AppData\Local\Temp\fullpackage_temp1399018879\qSE.exe, Quarantined, [39d2a0738defd561b93bef5908f8ea16],
PUP.Optional.IePluginService.A, C:\Users\Peggy\AppData\Local\Temp\fullpackage_temp1399018879\tmp\SupTab.exe, Quarantined, [ff0c65aee29ac1759721eb7e56ab2cd4],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_27408_27633\CRX_INSTALL\APISupport\APISupport.dll, Quarantined, [3ccf6ea5d7a555e124b1634ff30ef60a],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_27408_27633\CRX_INSTALL\nativeMessaging\TBMessagingHost.exe, Quarantined, [0a015db6d0ac3bfb696c1e948d74a45c],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_27408_27633\CRX_INSTALL\plugins\ChromeApiPlugin.dll, Quarantined, [4dbeb75c0d6f9d999a3b2a88df22b54b],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_3688_31328\CRX_INSTALL\nativeMessaging\TBMessagingHost.exe, Quarantined, [26e5db3896e6fb3b21b42f83ba47926e],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_3688_31328\CRX_INSTALL\plugins\ChromeApiPlugin.dll, Quarantined, [4ebd10031468e155e8edbff3f40d7f81],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_4388_21127\CRX_INSTALL\APISupport\APISupport.dll, Quarantined, [19f243d0b6c60234e7ee9a18847d6b95],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_4388_21127\CRX_INSTALL\nativeMessaging\TBMessagingHost.exe, Quarantined, [4bc064af7309c6704590efc3a06128d8],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_4388_21127\CRX_INSTALL\plugins\ChromeApiPlugin.dll, Quarantined, [e12a4cc7afcd68ce765f0da5d32e9e62],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_5964_21210\CRX_INSTALL\APISupport\APISupport.dll, Quarantined, [15f6060d611b3afca82d6f439b66ed13],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_5964_21210\CRX_INSTALL\nativeMessaging\TBMessagingHost.exe, Quarantined, [cb40040ff98351e5488daf0360a124dc],
PUP.Optional.ClientConnect, C:\Users\Peggy\AppData\Local\Temp\scoped_dir_5964_21210\CRX_INSTALL\plugins\ChromeApiPlugin.dll, Quarantined, [6e9d0b083a42b08617be278bb34e4fb1],
PUP.Optional.Amonetize, C:\Windows\temp\1bb5370d-4a45-4a96-534b-6ce9f07e7b44.exe, Quarantined, [6f9c13005329c6708200b412f30eca36],
PUP.Optional.Amonetize, C:\Windows\temp\af440eca-b283-436e-6cbf-b1108d2e1302.exe, Quarantined, [749766ad0478b284c9b9b0165ca55ca4],
PUP.Optional.Amonetize, C:\Windows\temp\f33193c6-f8ac-4715-1912-38b69ddf21f9.exe, Quarantined, [5ab19d76710b270f86fc299da75a857b],
PUP.Optional.Amonetize, C:\Windows\temp\Updater.exe, Quarantined, [e229be555b21092d4b37398d43be13ed],
PUP.Optional.Amonetize, C:\Windows\temp\b1f7a2d0-c66b-4c59-6e9e-cb765a595c1d.exe, Quarantined, [d239b261f5875fd7a8daad19df22748c],
PUP.Optional.AirInstaller, C:\Users\Peggy\Documents\Flash Player 12.exe, Quarantined, [8b80878ca6d6d95d0e880e11f908fc04],
PUP.Optional.AirInstaller, C:\Users\Peggy\Downloads\installicon_png&product_image=http, Quarantined, [3bd028eb562626104a2919ab629f8e72],
PUP.Optional.IBryte, C:\Users\Peggy\Downloads\downloadactivation_comQuarantinedfthanks[ac5fec27b6c62412780d2b9bc041e719]fsource[ac5fec27b6c62412780d2b9bc041e719]dpropeller_lightspark-us%26subid1[ac5fec27b6c62412780d2b9bc041e719]d36478%26userid[ac5fec27b6c62412780d2b9bc041e719]d15ad3a66-, [ac5fec27b6c62412780d2b9bc041e719], , %5
PUP.Optional.Multiplug, C:\Users\Peggy\Downloads\Coming of Age in Mississippi pdf.exe, Quarantined, [0902759eb5c782b4d3a19625d72a4eb2],
PUP.Optional.Amonetize, C:\Users\Peggy\Downloads\give me liberty foner pdf__3516_i1341182239_il1832916.exe, Quarantined, [927954bf2f4d77bf3eeba416877a05fb],
PUP.Optional.Multiplug, C:\Users\Peggy\Downloads\Molly's Chambers-Kings Of Leon_mp3, Quarantined, [3dceb75c7903cc6abdb75467c63bf010],
PUP.Optional.Amonetize, C:\Users\Peggy\AppData\Local\16475\Updater.exe, Quarantined, [0cffae65e19b1b1b2b57f7cf857cb050],
PUP.Optional.Amonetize.A, C:\Users\Peggy\AppData\Local\30438\a30496.exe, Quarantined, [6c9fbe55215b989e1b0cbe9924dc3fc1],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\uninstall.exe, Quarantined, [66a5a66da0dc9e981432bf8cde271be5],
PUP.Optional.IdleCrawler.A, C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure, Quarantined, [13f8d43ff884b482a5b133de956e13ed],
PUP.Optional.IdleCrawler.A, C:\Windows\System32\Tasks\IC Running Procedure, Quarantined, [a566e231c4b83204193ff21ffa09847c],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nmaikkamgfhkjbadgihldfmkpngkhgbb_0.localstorage, Quarantined, [769541d2c9b3c86ed7b6df3521e22fd1],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nmaikkamgfhkjbadgihldfmkpngkhgbb_0.localstorage-journal, Quarantined, [ed1e54bf4f2d9e982766bd57bc47fc04],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, Quarantined, [57b470a30f6d2d09cb973de511f2ce32],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\data.xml, Quarantined, [57b470a30f6d2d09cb973de511f2ce32],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, Quarantined, [57b470a30f6d2d09cb973de511f2ce32],
PUP.Optional.Vbates.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljmibnagodajacnnbifpamhggcohblip_0.localstorage, Quarantined, [3fcc3ad93943f046922fe141b64dcd33],
PUP.Optional.Vbates.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljmibnagodajacnnbifpamhggcohblip_0.localstorage-journal, Quarantined, [69a2997a215bc86ea41dc16139ca9868],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_facebook.conduitapps.com_0.localstorage, Quarantined, [63a89a79720a3afcb454919eae55aa56],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_facebook.conduitapps.com_0.localstorage-journal, Quarantined, [20eb11022c50f73f37d11718b84beb15],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.vaccint.com_0.localstorage, Quarantined, [9873a172106c6bcb5a71de53a95abb45],
PUP.Optional.Conduit.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.vaccint.com_0.localstorage-journal, Quarantined, [e427759e6b114aec894249e8fd0645bb],
PUP.Optional.HighLiteApp.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.highliteapp00.highliteapp.com_0.localstorage, Quarantined, [0605749f324a4ee86e2ed45ef40fd828],
PUP.Optional.HighLiteApp.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.highliteapp00.highliteapp.com_0.localstorage-journal, Quarantined, [709b47cc017bd660bfdd78ba4cb72ad6],
PUP.Optional.CrossRider.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fjbgonfbgjdmlkjofohofdjnakkfppge_0.localstorage, Quarantined, [44c71300403c66d067b51c1a27dcc23e],
PUP.Optional.CrossRider.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fjbgonfbgjdmlkjofohofdjnakkfppge_0.localstorage-journal, Quarantined, [4ebdeb28b7c585b17e9eb086946fb848],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\download.dat, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\Cloud_Backup.exe, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\CostMin.exe, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\execurl.exe, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\fb_info.dat, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\flv.exe, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\installer.exe, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\isharp_installer.exe, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\ISTCleaner.exe, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\setup_fst_us.exe, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateService.A, C:\Users\Peggy\AppData\Roaming\UpdateServ\VoPackage.exe, Quarantined, [bd4e03100d6fa492e367132d9d66b947],
PUP.Optional.UpdateServer.A, C:\ProgramData\UpdateServer\1412877244\webdev.exe, Quarantined, [4ebda46ffb811f171012ec148a799070],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nmaikkamgfhkjbadgihldfmkpngkhgbb\000018.sst, Quarantined, [5dae2de6b5c746f04098e924a85bc33d],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nmaikkamgfhkjbadgihldfmkpngkhgbb\000023.sst, Quarantined, [5dae2de6b5c746f04098e924a85bc33d],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nmaikkamgfhkjbadgihldfmkpngkhgbb\000024.log, Quarantined, [5dae2de6b5c746f04098e924a85bc33d],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nmaikkamgfhkjbadgihldfmkpngkhgbb\CURRENT, Quarantined, [5dae2de6b5c746f04098e924a85bc33d],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nmaikkamgfhkjbadgihldfmkpngkhgbb\LOCK, Quarantined, [5dae2de6b5c746f04098e924a85bc33d],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nmaikkamgfhkjbadgihldfmkpngkhgbb\LOG, Quarantined, [5dae2de6b5c746f04098e924a85bc33d],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nmaikkamgfhkjbadgihldfmkpngkhgbb\LOG.old, Quarantined, [5dae2de6b5c746f04098e924a85bc33d],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nmaikkamgfhkjbadgihldfmkpngkhgbb\MANIFEST-000022, Quarantined, [5dae2de6b5c746f04098e924a85bc33d],
PUP.Optional.MixiDJ.A, C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_nmaikkamgfhkjbadgihldfmkpngkhgbb_0\6, Quarantined, [ba51f122d8a4af87f4e53cd15da60cf4],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\msvcp110.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\msvcr110.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\icudt.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Delete-on-Reboot, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome_100_percent.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome_child.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\content_resources.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\d3dcompiler_46.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\debug.log, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\ffmpegsumo.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\First Run, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\libEGL.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\libGLESv2.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\metro_driver.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\nacl64.exe, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\nacl_irt_x86_32.nexe, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\nacl_irt_x86_64.nexe, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\ppGoogleNaClPluginChrome.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\resources.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\Dictionaries\en-US-3-0.bdic, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\hi.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\am.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ar.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\bg.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\bn.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ca.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\cs.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\da.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\de.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\el.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\en-GB.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\en-US.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\es-419.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\es.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\et.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\fa.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\fi.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\fil.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\fr.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\gu.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\he.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\hr.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\hu.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\id.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\it.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ja.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\kn.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ko.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\lt.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\lv.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ml.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\mr.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ms.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\nb.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\nl.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\pl.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\pt-BR.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\pt-PT.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ro.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ru.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\sk.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\sl.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\sr.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\sv.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\sw.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ta.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\te.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\th.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\tr.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\uk.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\vi.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\zh-CN.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\zh-TW.pak, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\PepperFlash\manifest.json, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\PepperFlash\pepflashplayer.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Data\ResPack2.bin, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\CmdProc.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\CmlProc.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\CmnUtls.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\InSes.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\ManXec.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\NavSupp.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\PrfIns.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\WblSupp.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\WbSes.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],
PUP.Optional.IdleCrawler.A, C:\Users\Peggy\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\WdcMan.dll, Quarantined, [9576779cf38988ae3e83759a1ae9e719],

Physical Sectors: 0
(No malicious items detected)

(end)

 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:29 AM

Posted 10 October 2014 - 11:28 AM

OK Better...Please re run TDSSKiller post that log.

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 psiegel

psiegel
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:03:29 AM

Posted 10 October 2014 - 12:40 PM

Here are the log files

 

TDSSKiller

10:05:30.0680 0x12bc  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
10:05:38.0589 0x12bc  ============================================================
10:05:38.0589 0x12bc  Current date / time: 2014/10/10 10:05:38.0589
10:05:38.0589 0x12bc  SystemInfo:
10:05:38.0589 0x12bc 
10:05:38.0589 0x12bc  OS Version: 6.1.7601 ServicePack: 1.0
10:05:38.0589 0x12bc  Product type: Workstation
10:05:38.0589 0x12bc  ComputerName: LILY
10:05:38.0589 0x12bc  UserName: Peggy
10:05:38.0589 0x12bc  Windows directory: C:\Windows
10:05:38.0589 0x12bc  System windows directory: C:\Windows
10:05:38.0589 0x12bc  Running under WOW64
10:05:38.0589 0x12bc  Processor architecture: Intel x64
10:05:38.0589 0x12bc  Number of processors: 4
10:05:38.0589 0x12bc  Page size: 0x1000
10:05:38.0589 0x12bc  Boot type: Normal boot
10:05:38.0589 0x12bc  ============================================================
10:05:39.0198 0x12bc  KLMD registered as C:\Windows\system32\drivers\11386373.sys
10:05:39.0541 0x12bc  System UUID: {008A9AB1-18E6-FBCB-4CB8-8FEFD4439CB3}
10:05:40.0415 0x12bc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:05:40.0415 0x12bc  ============================================================
10:05:40.0415 0x12bc  \Device\Harddisk0\DR0:
10:05:40.0415 0x12bc  MBR partitions:
10:05:40.0415 0x12bc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
10:05:40.0415 0x12bc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37CD3000
10:05:40.0415 0x12bc  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37D37000, BlocksNum 0x261B000
10:05:40.0415 0x12bc  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
10:05:40.0415 0x12bc  ============================================================
10:05:40.0446 0x12bc  C: <-> \Device\Harddisk0\DR0\Partition2
10:05:40.0555 0x12bc  D: <-> \Device\Harddisk0\DR0\Partition3
10:05:40.0555 0x12bc  ============================================================
10:05:40.0555 0x12bc  Initialize success
10:05:40.0555 0x12bc  ============================================================
10:05:51.0069 0x0fec  ============================================================
10:05:51.0069 0x0fec  Scan started
10:05:51.0069 0x0fec  Mode: Manual;
10:05:51.0069 0x0fec  ============================================================
10:05:51.0069 0x0fec  KSN ping started
10:05:54.0221 0x0fec  KSN ping finished: true
10:05:55.0001 0x0fec  ================ Scan system memory ========================
10:05:55.0001 0x0fec  System memory - ok
10:05:55.0001 0x0fec  ================ Scan services =============================
10:05:55.0125 0x0fec  [ 7D9D615201A483D6FA99491C2E655A5A, EF24EBC4E08B555E5A90E6D560F375267137064AED1A9DC5251BB1FF2B65BA37 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
10:05:55.0141 0x0fec  !SASCORE - ok
10:05:55.0391 0x0fec  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:05:55.0406 0x0fec  1394ohci - ok
10:05:55.0453 0x0fec  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:05:55.0469 0x0fec  ACPI - ok
10:05:55.0484 0x0fec  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:05:55.0500 0x0fec  AcpiPmi - ok
10:05:55.0609 0x0fec  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:05:55.0609 0x0fec  AdobeARMservice - ok
10:05:55.0749 0x0fec  [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:05:55.0765 0x0fec  AdobeFlashPlayerUpdateSvc - ok
10:05:55.0843 0x0fec  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:05:55.0890 0x0fec  adp94xx - ok
10:05:55.0921 0x0fec  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:05:55.0937 0x0fec  adpahci - ok
10:05:55.0952 0x0fec  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:05:55.0952 0x0fec  adpu320 - ok
10:05:55.0983 0x0fec  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:05:55.0999 0x0fec  AeLookupSvc - ok
10:05:56.0030 0x0fec  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
10:05:56.0046 0x0fec  AERTFilters - ok
10:05:56.0124 0x0fec  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
10:05:56.0155 0x0fec  AFD - ok
10:05:56.0202 0x0fec  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:05:56.0202 0x0fec  agp440 - ok
10:05:56.0233 0x0fec  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:05:56.0233 0x0fec  ALG - ok
10:05:56.0280 0x0fec  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:05:56.0280 0x0fec  aliide - ok
10:05:56.0295 0x0fec  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:05:56.0295 0x0fec  amdide - ok
10:05:56.0327 0x0fec  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:05:56.0342 0x0fec  AmdK8 - ok
10:05:56.0342 0x0fec  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:05:56.0358 0x0fec  AmdPPM - ok
10:05:56.0389 0x0fec  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:05:56.0405 0x0fec  amdsata - ok
10:05:56.0420 0x0fec  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:05:56.0420 0x0fec  amdsbs - ok
10:05:56.0436 0x0fec  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:05:56.0436 0x0fec  amdxata - ok
10:05:56.0498 0x0fec  [ 4DE0D5D747A73797C95A97DCCE5018B5, 17EC669675C2E43515EFE2D8BCC9DDFFBE64F99EBFB9A6DAB429F65A2B504560 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
10:05:56.0498 0x0fec  androidusb - ok
10:05:56.0545 0x0fec  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:05:56.0545 0x0fec  AppID - ok
10:05:56.0576 0x0fec  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:05:56.0576 0x0fec  AppIDSvc - ok
10:05:56.0607 0x0fec  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
10:05:56.0607 0x0fec  Appinfo - ok
10:05:56.0654 0x0fec  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:05:56.0670 0x0fec  arc - ok
10:05:56.0685 0x0fec  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:05:56.0685 0x0fec  arcsas - ok
10:05:56.0857 0x0fec  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:05:56.0857 0x0fec  aspnet_state - ok
10:05:56.0904 0x0fec  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:05:56.0904 0x0fec  AsyncMac - ok
10:05:56.0951 0x0fec  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:05:56.0951 0x0fec  atapi - ok
10:05:56.0997 0x0fec  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:05:57.0122 0x0fec  AudioEndpointBuilder - ok
10:05:57.0153 0x0fec  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:05:57.0153 0x0fec  AudioSrv - ok
10:05:57.0200 0x0fec  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:05:57.0216 0x0fec  AxInstSV - ok
10:05:57.0278 0x0fec  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:05:57.0309 0x0fec  b06bdrv - ok
10:05:57.0341 0x0fec  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:05:57.0356 0x0fec  b57nd60a - ok
10:05:57.0403 0x0fec  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:05:57.0403 0x0fec  BDESVC - ok
10:05:57.0434 0x0fec  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:05:57.0434 0x0fec  Beep - ok
10:05:57.0512 0x0fec  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:05:57.0512 0x0fec  BFE - ok
10:05:57.0762 0x0fec  [ 5B1FE9D351C284701C8051DA2AA81DF6, 6D5069EEF071E993E226C725D71703909730B50BA5E754C33E8B7D4FABABEF7D ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20120413.001\BHDrvx64.sys
10:05:57.0840 0x0fec  BHDrvx64 - ok
10:05:57.0902 0x0fec  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:05:57.0949 0x0fec  BITS - ok
10:05:57.0980 0x0fec  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:05:57.0980 0x0fec  blbdrive - ok
10:05:58.0027 0x0fec  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:05:58.0043 0x0fec  bowser - ok
10:05:58.0058 0x0fec  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:05:58.0058 0x0fec  BrFiltLo - ok
10:05:58.0074 0x0fec  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:05:58.0074 0x0fec  BrFiltUp - ok
10:05:58.0121 0x0fec  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
10:05:58.0121 0x0fec  BridgeMP - ok
10:05:58.0183 0x0fec  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:05:58.0183 0x0fec  Browser - ok
10:05:58.0230 0x0fec  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:05:58.0245 0x0fec  Brserid - ok
10:05:58.0261 0x0fec  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:05:58.0277 0x0fec  BrSerWdm - ok
10:05:58.0277 0x0fec  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:05:58.0277 0x0fec  BrUsbMdm - ok
10:05:58.0292 0x0fec  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:05:58.0292 0x0fec  BrUsbSer - ok
10:05:58.0308 0x0fec  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:05:58.0323 0x0fec  BTHMODEM - ok
10:05:58.0355 0x0fec  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:05:58.0355 0x0fec  bthserv - ok
10:05:58.0370 0x0fec  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:05:58.0370 0x0fec  cdfs - ok
10:05:58.0417 0x0fec  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
10:05:58.0433 0x0fec  cdrom - ok
10:05:58.0479 0x0fec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:05:58.0495 0x0fec  CertPropSvc - ok
10:05:58.0511 0x0fec  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:05:58.0526 0x0fec  circlass - ok
10:05:58.0573 0x0fec  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:05:58.0589 0x0fec  CLFS - ok
10:05:58.0667 0x0fec  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:05:58.0667 0x0fec  clr_optimization_v2.0.50727_32 - ok
10:05:58.0745 0x0fec  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:05:58.0745 0x0fec  clr_optimization_v2.0.50727_64 - ok
10:05:58.0901 0x0fec  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:05:58.0901 0x0fec  clr_optimization_v4.0.30319_32 - ok
10:05:58.0932 0x0fec  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:05:58.0932 0x0fec  clr_optimization_v4.0.30319_64 - ok
10:05:58.0979 0x0fec  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
10:05:58.0979 0x0fec  clwvd - ok
10:05:59.0010 0x0fec  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:05:59.0010 0x0fec  CmBatt - ok
10:05:59.0041 0x0fec  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:05:59.0041 0x0fec  cmdide - ok
10:05:59.0088 0x0fec  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:05:59.0119 0x0fec  CNG - ok
10:05:59.0135 0x0fec  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:05:59.0150 0x0fec  Compbatt - ok
10:05:59.0181 0x0fec  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:05:59.0181 0x0fec  CompositeBus - ok
10:05:59.0213 0x0fec  COMSysApp - ok
10:05:59.0228 0x0fec  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:05:59.0228 0x0fec  crcdisk - ok
10:05:59.0275 0x0fec  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:05:59.0275 0x0fec  CryptSvc - ok
10:05:59.0400 0x0fec  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:05:59.0431 0x0fec  cvhsvc - ok
10:05:59.0556 0x0fec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:05:59.0556 0x0fec  DcomLaunch - ok
10:05:59.0587 0x0fec  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:05:59.0603 0x0fec  defragsvc - ok
10:05:59.0634 0x0fec  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:05:59.0634 0x0fec  DfsC - ok
10:05:59.0681 0x0fec  [ A64CC0B5D93F25BF5D052A1FEBE71E68, 839EC10F08397F8DC0BB7CEB170A84A85865E4ABB7B11A4CEE63275B6F5AA517 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
10:05:59.0681 0x0fec  dg_ssudbus - ok
10:05:59.0759 0x0fec  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:05:59.0790 0x0fec  Dhcp - ok
10:05:59.0821 0x0fec  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:05:59.0821 0x0fec  discache - ok
10:05:59.0868 0x0fec  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:05:59.0868 0x0fec  Disk - ok
10:05:59.0915 0x0fec  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:05:59.0930 0x0fec  Dnscache - ok
10:05:59.0977 0x0fec  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:05:59.0993 0x0fec  dot3svc - ok
10:06:00.0024 0x0fec  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:06:00.0039 0x0fec  DPS - ok
10:06:00.0071 0x0fec  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:06:00.0071 0x0fec  drmkaud - ok
10:06:00.0149 0x0fec  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:06:00.0227 0x0fec  DXGKrnl - ok
10:06:00.0305 0x0fec  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:06:00.0305 0x0fec  EapHost - ok
10:06:00.0461 0x0fec  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:06:00.0601 0x0fec  ebdrv - ok
10:06:00.0695 0x0fec  [ 0C3F9EFF8DDD9F9EB56D754B4620155F, D81F2DF707E9A3852BB0CE30883B86D722EA1E7585E7A7D1BC3E081E0A4FDFDB ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:06:00.0726 0x0fec  eeCtrl - ok
10:06:00.0757 0x0fec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
10:06:00.0757 0x0fec  EFS - ok
10:06:00.0866 0x0fec  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:06:00.0882 0x0fec  ehRecvr - ok
10:06:00.0929 0x0fec  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:06:00.0929 0x0fec  ehSched - ok
10:06:00.0991 0x0fec  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:06:01.0022 0x0fec  elxstor - ok
10:06:01.0100 0x0fec  [ 8C0F9B877BC0B7FFD327EF55F9EFB642, 238FB9A33DE89BC2D0F38734A44E16B6FE0E8806CDF9C09C0F238239DC9DA74B ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:06:01.0116 0x0fec  EraserUtilRebootDrv - ok
10:06:01.0147 0x0fec  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:06:01.0147 0x0fec  ErrDev - ok
10:06:01.0225 0x0fec  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:06:01.0241 0x0fec  EventSystem - ok
10:06:01.0272 0x0fec  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:06:01.0287 0x0fec  exfat - ok
10:06:01.0319 0x0fec  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:06:01.0319 0x0fec  fastfat - ok
10:06:01.0397 0x0fec  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:06:01.0412 0x0fec  Fax - ok
10:06:01.0443 0x0fec  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:06:01.0459 0x0fec  fdc - ok
10:06:01.0490 0x0fec  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:06:01.0490 0x0fec  fdPHost - ok
10:06:01.0506 0x0fec  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:06:01.0506 0x0fec  FDResPub - ok
10:06:01.0521 0x0fec  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:06:01.0521 0x0fec  FileInfo - ok
10:06:01.0553 0x0fec  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:06:01.0553 0x0fec  Filetrace - ok
10:06:01.0553 0x0fec  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:06:01.0568 0x0fec  flpydisk - ok
10:06:01.0599 0x0fec  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:06:01.0615 0x0fec  FltMgr - ok
10:06:01.0709 0x0fec  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:06:01.0771 0x0fec  FontCache - ok
10:06:01.0833 0x0fec  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:06:01.0833 0x0fec  FontCache3.0.0.0 - ok
10:06:01.0865 0x0fec  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:06:01.0865 0x0fec  FsDepends - ok
10:06:01.0896 0x0fec  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:06:01.0896 0x0fec  Fs_Rec - ok
10:06:01.0943 0x0fec  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:06:01.0958 0x0fec  fvevol - ok
10:06:01.0974 0x0fec  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:06:01.0974 0x0fec  gagp30kx - ok
10:06:02.0036 0x0fec  [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
10:06:02.0067 0x0fec  GameConsoleService - ok
10:06:02.0130 0x0fec  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:06:02.0145 0x0fec  gpsvc - ok
10:06:02.0239 0x0fec  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:06:02.0255 0x0fec  gupdate - ok
10:06:02.0270 0x0fec  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:06:02.0270 0x0fec  gupdatem - ok
10:06:02.0286 0x0fec  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:06:02.0301 0x0fec  hcw85cir - ok
10:06:02.0364 0x0fec  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:06:02.0395 0x0fec  HdAudAddService - ok
10:06:02.0426 0x0fec  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:06:02.0426 0x0fec  HDAudBus - ok
10:06:02.0457 0x0fec  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
10:06:02.0457 0x0fec  HECIx64 - ok
10:06:02.0489 0x0fec  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:06:02.0489 0x0fec  HidBatt - ok
10:06:02.0504 0x0fec  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:06:02.0520 0x0fec  HidBth - ok
10:06:02.0520 0x0fec  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:06:02.0535 0x0fec  HidIr - ok
10:06:02.0551 0x0fec  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
10:06:02.0551 0x0fec  hidserv - ok
10:06:02.0598 0x0fec  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:06:02.0598 0x0fec  HidUsb - ok
10:06:02.0629 0x0fec  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:06:02.0629 0x0fec  hkmsvc - ok
10:06:02.0676 0x0fec  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:06:02.0691 0x0fec  HomeGroupListener - ok
10:06:02.0723 0x0fec  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:06:02.0738 0x0fec  HomeGroupProvider - ok
10:06:02.0847 0x0fec  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
10:06:02.0863 0x0fec  HP Support Assistant Service - ok
10:06:02.0925 0x0fec  [ C930128C8F8FF03D8F8C42B570920D56, 6D44373F466A580EFB9866FA4FACB4951C522893C2A1877ED0E462460B90E241 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
10:06:02.0941 0x0fec  HP Wireless Assistant Service - ok
10:06:02.0988 0x0fec  [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
10:06:03.0003 0x0fec  HPClientSvc - ok
10:06:03.0128 0x0fec  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
10:06:03.0159 0x0fec  hpqwmiex - ok
10:06:03.0206 0x0fec  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:06:03.0206 0x0fec  HpSAMD - ok
10:06:03.0253 0x0fec  [ F630DD7564EBB7248A13B1CC774D9EA6, 53BDFDB7177606DCBB5098A417542F181487227FB73C5C93BE1275752D2C002A ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
10:06:03.0253 0x0fec  HPWMISVC - ok
10:06:03.0347 0x0fec  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:06:03.0393 0x0fec  HTTP - ok
10:06:03.0425 0x0fec  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:06:03.0425 0x0fec  hwpolicy - ok
10:06:03.0471 0x0fec  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:06:03.0487 0x0fec  i8042prt - ok
10:06:03.0549 0x0fec  [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:06:03.0565 0x0fec  iaStor - ok
10:06:03.0627 0x0fec  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:06:03.0659 0x0fec  iaStorV - ok
10:06:03.0752 0x0fec  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:06:03.0830 0x0fec  idsvc - ok
10:06:03.0971 0x0fec  [ 18C40C3F368323B203ACE403CB430DB1, 068B4487EEE698DD4A6A99C4C26D5331566EE2AB263C86ADA0E5D878AA4BDB59 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20120419.001\IDSvia64.sys
10:06:04.0002 0x0fec  IDSVia64 - ok
10:06:04.0017 0x0fec  IEEtwCollectorService - ok
10:06:04.0407 0x0fec  [ 898AB5BFED7040D7AB07AF01885EB944, 72B140D6A62A8AF9439FA7061D8014EE7D1D49EC9EE6524881749A7C85926721 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:06:04.0782 0x0fec  igfx - ok
10:06:04.0829 0x0fec  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:06:04.0829 0x0fec  iirsp - ok
10:06:04.0922 0x0fec  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:06:04.0938 0x0fec  IKEEXT - ok
10:06:05.0031 0x0fec  [ 4B6363CD4610BB848531BB260B15DFCC, 13A8AA9571497086341AC00797EFF212FF76EE62F9CFF758D3C08B377EC7BF04 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
10:06:05.0031 0x0fec  Impcd - ok
10:06:05.0156 0x0fec  [ D311E2DD59A34079D89C249B2A4D9FDB, F2DB1DBD5619A48545434983DDB5260A610F22B37E1D81720B688FEF95C9AD07 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:06:05.0265 0x0fec  IntcAzAudAddService - ok
10:06:05.0328 0x0fec  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
10:06:05.0359 0x0fec  IntcDAud - ok
10:06:05.0390 0x0fec  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:06:05.0390 0x0fec  intelide - ok
10:06:05.0437 0x0fec  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:06:05.0437 0x0fec  intelppm - ok
10:06:05.0468 0x0fec  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:06:05.0468 0x0fec  IPBusEnum - ok
10:06:05.0499 0x0fec  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:06:05.0515 0x0fec  IpFilterDriver - ok
10:06:05.0593 0x0fec  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:06:05.0640 0x0fec  iphlpsvc - ok
10:06:05.0671 0x0fec  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:06:05.0671 0x0fec  IPMIDRV - ok
10:06:05.0718 0x0fec  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:06:05.0718 0x0fec  IPNAT - ok
10:06:05.0733 0x0fec  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:06:05.0749 0x0fec  IRENUM - ok
10:06:05.0749 0x0fec  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:06:05.0765 0x0fec  isapnp - ok
10:06:05.0796 0x0fec  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:06:05.0827 0x0fec  iScsiPrt - ok
10:06:05.0874 0x0fec  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
10:06:05.0874 0x0fec  kbdclass - ok
10:06:05.0905 0x0fec  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:06:05.0921 0x0fec  kbdhid - ok
10:06:05.0952 0x0fec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:06:05.0952 0x0fec  KeyIso - ok
10:06:05.0983 0x0fec  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:06:05.0999 0x0fec  KSecDD - ok
10:06:06.0030 0x0fec  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:06:06.0045 0x0fec  KSecPkg - ok
10:06:06.0077 0x0fec  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:06:06.0077 0x0fec  ksthunk - ok
10:06:06.0123 0x0fec  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:06:06.0170 0x0fec  KtmRm - ok
10:06:06.0217 0x0fec  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
10:06:06.0217 0x0fec  LanmanServer - ok
10:06:06.0264 0x0fec  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:06:06.0264 0x0fec  LanmanWorkstation - ok
10:06:06.0295 0x0fec  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:06:06.0295 0x0fec  lltdio - ok
10:06:06.0357 0x0fec  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:06:06.0373 0x0fec  lltdsvc - ok
10:06:06.0389 0x0fec  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:06:06.0404 0x0fec  lmhosts - ok
10:06:06.0482 0x0fec  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:06:06.0498 0x0fec  LMS - ok
10:06:06.0545 0x0fec  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:06:06.0545 0x0fec  LSI_FC - ok
10:06:06.0560 0x0fec  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:06:06.0576 0x0fec  LSI_SAS - ok
10:06:06.0576 0x0fec  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:06:06.0591 0x0fec  LSI_SAS2 - ok
10:06:06.0591 0x0fec  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:06:06.0607 0x0fec  LSI_SCSI - ok
10:06:06.0638 0x0fec  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:06:06.0638 0x0fec  luafv - ok
10:06:06.0716 0x0fec  [ 7991C0E7A33CF921FDE54D7D2807E41B, A68B652429A08564710FF09B3DDF81211C1802DFF9B522128763AAB29A43E574 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
10:06:06.0732 0x0fec  MBAMProtector - ok
10:06:06.0857 0x0fec  [ 6EE5EA44AC06A52CE03ACD37281E078D, A65CF98E0C2EEED10FD9A3CBFB8D5E8317A16EC522F798338FBFB971651233C0 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
10:06:06.0966 0x0fec  MBAMScheduler - ok
10:06:07.0028 0x0fec  [ 5E30FA7FFB73198C1AEEE8A1B97ED9BF, 62F5A61E33DA7ADEA9EBB32C1FEBFE58F6A267B01C4D6BE646ED7C154DEA662F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
10:06:07.0059 0x0fec  MBAMService - ok
10:06:07.0106 0x0fec  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
10:06:07.0122 0x0fec  MBAMSwissArmy - ok
10:06:07.0137 0x0fec  [ 99F29B330A5ED5BA791E29E527BEC306, 4E172A6AB73BED710E73BFBDD4447B21980B71EA164B928CE29C8F134A976821 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
10:06:07.0137 0x0fec  MBAMWebAccessControl - ok
10:06:07.0169 0x0fec  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:06:07.0184 0x0fec  Mcx2Svc - ok
10:06:07.0200 0x0fec  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:06:07.0215 0x0fec  megasas - ok
10:06:07.0247 0x0fec  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:06:07.0262 0x0fec  MegaSR - ok
10:06:07.0293 0x0fec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:06:07.0293 0x0fec  MMCSS - ok
10:06:07.0309 0x0fec  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:06:07.0309 0x0fec  Modem - ok
10:06:07.0325 0x0fec  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:06:07.0325 0x0fec  monitor - ok
10:06:07.0356 0x0fec  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:06:07.0356 0x0fec  mouclass - ok
10:06:07.0371 0x0fec  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:06:07.0387 0x0fec  mouhid - ok
10:06:07.0418 0x0fec  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:06:07.0418 0x0fec  mountmgr - ok
10:06:07.0465 0x0fec  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:06:07.0481 0x0fec  MozillaMaintenance - ok
10:06:07.0512 0x0fec  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:06:07.0512 0x0fec  mpio - ok
10:06:07.0543 0x0fec  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:06:07.0543 0x0fec  mpsdrv - ok
10:06:07.0637 0x0fec  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:06:07.0652 0x0fec  MpsSvc - ok
10:06:07.0715 0x0fec  [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B2C5FC7B6FDBA05 ] MREMP50         C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
10:06:07.0715 0x0fec  MREMP50 - ok
10:06:07.0761 0x0fec  [ C2758DF79C83A0D12A5599A040CA1818, 236641D2AD596CDC53AE8407F7A7AA02719764CCC7E6D5C547F41FE7C1D67BB5 ] MREMP50a64      C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
10:06:07.0761 0x0fec  MREMP50a64 - ok
10:06:07.0761 0x0fec  MREMPR5 - ok
10:06:07.0777 0x0fec  MRENDIS5 - ok
10:06:07.0808 0x0fec  [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] MRESP50         C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
10:06:07.0808 0x0fec  MRESP50 - ok
10:06:07.0839 0x0fec  [ 38BD5B32E0722752BE8465D2A6DA43D9, EE009F141D77A858C84B4294F4FF51ECA400D48B3AD735FAC99EEF4E3E00E9EE ] MRESP50a64      C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS
10:06:07.0839 0x0fec  MRESP50a64 - ok
10:06:07.0871 0x0fec  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:06:07.0886 0x0fec  MRxDAV - ok
10:06:07.0917 0x0fec  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:06:07.0933 0x0fec  mrxsmb - ok
10:06:07.0949 0x0fec  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:06:07.0980 0x0fec  mrxsmb10 - ok
10:06:07.0995 0x0fec  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:06:07.0995 0x0fec  mrxsmb20 - ok
10:06:08.0027 0x0fec  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:06:08.0027 0x0fec  msahci - ok
10:06:08.0058 0x0fec  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:06:08.0073 0x0fec  msdsm - ok
10:06:08.0105 0x0fec  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:06:08.0105 0x0fec  MSDTC - ok
10:06:08.0136 0x0fec  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:06:08.0136 0x0fec  Msfs - ok
10:06:08.0151 0x0fec  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:06:08.0151 0x0fec  mshidkmdf - ok
10:06:08.0167 0x0fec  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:06:08.0167 0x0fec  msisadrv - ok
10:06:08.0198 0x0fec  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:06:08.0198 0x0fec  MSiSCSI - ok
10:06:08.0198 0x0fec  msiserver - ok
10:06:08.0229 0x0fec  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:06:08.0229 0x0fec  MSKSSRV - ok
10:06:08.0245 0x0fec  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:06:08.0245 0x0fec  MSPCLOCK - ok
10:06:08.0261 0x0fec  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:06:08.0261 0x0fec  MSPQM - ok
10:06:08.0307 0x0fec  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:06:08.0323 0x0fec  MsRPC - ok
10:06:08.0354 0x0fec  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:06:08.0354 0x0fec  mssmbios - ok
10:06:08.0401 0x0fec  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:06:08.0401 0x0fec  MSTEE - ok
10:06:08.0417 0x0fec  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:06:08.0417 0x0fec  MTConfig - ok
10:06:08.0448 0x0fec  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:06:08.0448 0x0fec  Mup - ok
10:06:08.0495 0x0fec  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:06:08.0510 0x0fec  napagent - ok
10:06:08.0557 0x0fec  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:06:08.0588 0x0fec  NativeWifiP - ok
10:06:08.0666 0x0fec  [ E78A365CC3E0FBFC018A33DCE01909F8, 0A414BDD8F8FB4BA493B8FBE9EB63377D9BB0A6800C55B2E3500913CF0F96AC6 ] NAV             C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
10:06:08.0682 0x0fec  NAV - ok
10:06:08.0775 0x0fec  [ 2DBE90210DE76BE6E1653BB20EC70EC2, E5AB955082084EB2261C801E74C1EEBEC26472DB3EE803C65C5ADF5A92527F07 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120419.019\ENG64.SYS
10:06:08.0775 0x0fec  NAVENG - ok
10:06:08.0885 0x0fec  [ 346DA70E203B8E2C850277713DE8F71B, 3F9359A3E2CC9B6158A9549E6786C6622BDA6E8851EDE0EF73F9AC8145F86D35 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120419.019\EX64.SYS
10:06:09.0009 0x0fec  NAVEX15 - ok
10:06:09.0103 0x0fec  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:06:09.0150 0x0fec  NDIS - ok
10:06:09.0197 0x0fec  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:06:09.0197 0x0fec  NdisCap - ok
10:06:09.0212 0x0fec  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:06:09.0228 0x0fec  NdisTapi - ok
10:06:09.0259 0x0fec  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:06:09.0259 0x0fec  Ndisuio - ok
10:06:09.0306 0x0fec  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:06:09.0321 0x0fec  NdisWan - ok
10:06:09.0353 0x0fec  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:06:09.0353 0x0fec  NDProxy - ok
10:06:09.0399 0x0fec  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:06:09.0399 0x0fec  NetBIOS - ok
10:06:09.0431 0x0fec  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:06:09.0446 0x0fec  NetBT - ok
10:06:09.0462 0x0fec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
10:06:09.0462 0x0fec  Netlogon - ok
10:06:09.0509 0x0fec  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:06:09.0524 0x0fec  Netman - ok
10:06:09.0571 0x0fec  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:06:09.0571 0x0fec  NetMsmqActivator - ok
10:06:09.0587 0x0fec  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:06:09.0587 0x0fec  NetPipeActivator - ok
10:06:09.0618 0x0fec  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:06:09.0633 0x0fec  netprofm - ok
10:06:09.0727 0x0fec  [ 24CF1304D899124336F67F88F3C15E21, B48FF3D4793A39BBC570F6E4840FD3CF5341C988DA9256EA292CA1E6B280163E ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
10:06:09.0789 0x0fec  netr28x - ok
10:06:09.0821 0x0fec  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:06:09.0821 0x0fec  NetTcpActivator - ok
10:06:09.0836 0x0fec  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:06:09.0836 0x0fec  NetTcpPortSharing - ok
10:06:10.0070 0x0fec  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
10:06:10.0289 0x0fec  netw5v64 - ok
10:06:10.0320 0x0fec  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:06:10.0320 0x0fec  nfrd960 - ok
10:06:10.0382 0x0fec  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:06:10.0398 0x0fec  NlaSvc - ok
10:06:10.0538 0x0fec  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
10:06:10.0663 0x0fec  NOBU - ok
10:06:10.0694 0x0fec  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:06:10.0694 0x0fec  Npfs - ok
10:06:10.0725 0x0fec  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:06:10.0725 0x0fec  nsi - ok
10:06:10.0741 0x0fec  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:06:10.0741 0x0fec  nsiproxy - ok
10:06:10.0850 0x0fec  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:06:10.0944 0x0fec  Ntfs - ok
10:06:10.0975 0x0fec  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:06:10.0975 0x0fec  Null - ok
10:06:11.0022 0x0fec  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:06:11.0022 0x0fec  nvraid - ok
10:06:11.0053 0x0fec  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:06:11.0053 0x0fec  nvstor - ok
10:06:11.0100 0x0fec  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:06:11.0100 0x0fec  nv_agp - ok
10:06:11.0131 0x0fec  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:06:11.0131 0x0fec  ohci1394 - ok
10:06:11.0178 0x0fec  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:06:11.0178 0x0fec  ose - ok
10:06:11.0381 0x0fec  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:06:11.0583 0x0fec  osppsvc - ok
10:06:11.0615 0x0fec  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:06:11.0630 0x0fec  p2pimsvc - ok
10:06:11.0661 0x0fec  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:06:11.0693 0x0fec  p2psvc - ok
10:06:11.0708 0x0fec  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:06:11.0708 0x0fec  Parport - ok
10:06:11.0739 0x0fec  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:06:11.0755 0x0fec  partmgr - ok
10:06:11.0771 0x0fec  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:06:11.0771 0x0fec  PcaSvc - ok
10:06:11.0817 0x0fec  [ 6D2C447FF3E16F04B3E517426F7840C8, 0138B53B331F921F7FAE3272DB4C6A27CAC16EDD9DF59991BD06BAF4745A7148 ] pcCMService64   C:\Program Files\Common Files\Motive\pcCMService.exe
10:06:11.0849 0x0fec  pcCMService64 - ok
10:06:11.0880 0x0fec  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:06:11.0895 0x0fec  pci - ok
10:06:11.0927 0x0fec  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:06:11.0927 0x0fec  pciide - ok
10:06:11.0958 0x0fec  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:06:11.0973 0x0fec  pcmcia - ok
10:06:11.0989 0x0fec  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:06:11.0989 0x0fec  pcw - ok
10:06:12.0020 0x0fec  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:06:12.0051 0x0fec  PEAUTH - ok
10:06:12.0161 0x0fec  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:06:12.0161 0x0fec  PerfHost - ok
10:06:12.0270 0x0fec  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:06:12.0332 0x0fec  pla - ok
10:06:12.0379 0x0fec  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:06:12.0395 0x0fec  PlugPlay - ok
10:06:12.0441 0x0fec  [ A010F13D27C1033A8BE09D5FA9BF348B, 5536A233554C469F270046ADEE12A158F70E2D8BE776BAD0925235B015567D46 ] pneteth         C:\Windows\system32\DRIVERS\pneteth.sys
10:06:12.0441 0x0fec  pneteth - ok
10:06:12.0473 0x0fec  [ 06841F5CD8410B6BDC0B5A631B8F8787, 95CA940AAE0C713C7161899D7DD7109FC985B60A1B3817C4243ED9870DA5FDE0 ] pnetmdm         C:\Windows\system32\DRIVERS\pnetmdm64.sys
10:06:12.0488 0x0fec  pnetmdm - ok
10:06:12.0504 0x0fec  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:06:12.0504 0x0fec  PNRPAutoReg - ok
10:06:12.0535 0x0fec  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:06:12.0551 0x0fec  PNRPsvc - ok
10:06:12.0597 0x0fec  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:06:12.0644 0x0fec  PolicyAgent - ok
10:06:12.0675 0x0fec  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:06:12.0691 0x0fec  Power - ok
10:06:12.0722 0x0fec  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:06:12.0738 0x0fec  PptpMiniport - ok
10:06:12.0769 0x0fec  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:06:12.0769 0x0fec  Processor - ok
10:06:12.0816 0x0fec  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:06:12.0831 0x0fec  ProfSvc - ok
10:06:12.0863 0x0fec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:06:12.0863 0x0fec  ProtectedStorage - ok
10:06:12.0909 0x0fec  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:06:12.0909 0x0fec  Psched - ok
10:06:13.0034 0x0fec  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:06:13.0128 0x0fec  ql2300 - ok
10:06:13.0143 0x0fec  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:06:13.0143 0x0fec  ql40xx - ok
10:06:13.0175 0x0fec  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:06:13.0190 0x0fec  QWAVE - ok
10:06:13.0206 0x0fec  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:06:13.0206 0x0fec  QWAVEdrv - ok
10:06:13.0221 0x0fec  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:06:13.0221 0x0fec  RasAcd - ok
10:06:13.0253 0x0fec  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:06:13.0253 0x0fec  RasAgileVpn - ok
10:06:13.0284 0x0fec  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:06:13.0284 0x0fec  RasAuto - ok
10:06:13.0315 0x0fec  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:06:13.0315 0x0fec  Rasl2tp - ok
10:06:13.0377 0x0fec  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:06:13.0393 0x0fec  RasMan - ok
10:06:13.0424 0x0fec  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:06:13.0440 0x0fec  RasPppoe - ok
10:06:13.0455 0x0fec  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:06:13.0455 0x0fec  RasSstp - ok
10:06:13.0487 0x0fec  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:06:13.0502 0x0fec  rdbss - ok
10:06:13.0518 0x0fec  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:06:13.0518 0x0fec  rdpbus - ok
10:06:13.0549 0x0fec  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:06:13.0549 0x0fec  RDPCDD - ok
10:06:13.0565 0x0fec  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:06:13.0565 0x0fec  RDPENCDD - ok
10:06:13.0580 0x0fec  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:06:13.0580 0x0fec  RDPREFMP - ok
10:06:13.0627 0x0fec  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:06:13.0643 0x0fec  RDPWD - ok
10:06:13.0705 0x0fec  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:06:13.0721 0x0fec  rdyboost - ok
10:06:13.0752 0x0fec  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:06:13.0752 0x0fec  RemoteAccess - ok
10:06:13.0814 0x0fec  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:06:13.0830 0x0fec  RemoteRegistry - ok
10:06:13.0861 0x0fec  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
10:06:13.0877 0x0fec  ROOTMODEM - ok
10:06:13.0939 0x0fec  [ C1568E17039B2EC2B73A4F880DDD51E5, B193BA01D3EA9EF8052F2053CB70DC528232F21FECBE78C83E8048A7F90E8951 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
10:06:13.0970 0x0fec  RoxioNow Service - ok
10:06:13.0986 0x0fec  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:06:14.0001 0x0fec  RpcEptMapper - ok
10:06:14.0017 0x0fec  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:06:14.0017 0x0fec  RpcLocator - ok
10:06:14.0079 0x0fec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:06:14.0095 0x0fec  RpcSs - ok
10:06:14.0126 0x0fec  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:06:14.0126 0x0fec  rspndr - ok
10:06:14.0189 0x0fec  [ 22D6B47D004A6568C500680BE2972854, 6FDDF4C0CE6211A49D0BE6529253754319D094AF3E306F87C3EE8986FB188671 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
10:06:14.0204 0x0fec  RSUSBSTOR - ok
10:06:14.0235 0x0fec  [ 4FBDA07EF0A3097CE14C5CABF723B278, 6F1E21362F0057E9C6A180D9189AEB51761F4C019A6835E50E4AD19ED1F58FE6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:06:14.0251 0x0fec  RTL8167 - ok
10:06:14.0313 0x0fec  [ 4EA7E5DF0CB237156176FA0349E6E87F, 542C5291369009FD9B52B5939E3B55E4CC37056E03815986CA1C1EFCFB52F5D6 ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
10:06:14.0329 0x0fec  RtVOsdService - ok
10:06:14.0360 0x0fec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
10:06:14.0360 0x0fec  SamSs - ok
10:06:14.0438 0x0fec  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
10:06:14.0438 0x0fec  SASDIFSV - ok
10:06:14.0485 0x0fec  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
10:06:14.0485 0x0fec  SASKUTIL - ok
10:06:14.0516 0x0fec  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:06:14.0532 0x0fec  sbp2port - ok
10:06:14.0563 0x0fec  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:06:14.0579 0x0fec  SCardSvr - ok
10:06:14.0610 0x0fec  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:06:14.0610 0x0fec  scfilter - ok
10:06:14.0688 0x0fec  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:06:14.0735 0x0fec  Schedule - ok
10:06:14.0781 0x0fec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:06:14.0781 0x0fec  SCPolicySvc - ok
10:06:14.0844 0x0fec  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
10:06:14.0844 0x0fec  sdbus - ok
10:06:14.0875 0x0fec  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:06:14.0875 0x0fec  SDRSVC - ok
10:06:14.0906 0x0fec  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:06:14.0906 0x0fec  secdrv - ok
10:06:14.0937 0x0fec  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:06:14.0937 0x0fec  seclogon - ok
10:06:14.0953 0x0fec  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
10:06:14.0953 0x0fec  SENS - ok
10:06:14.0984 0x0fec  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:06:14.0984 0x0fec  SensrSvc - ok
10:06:15.0000 0x0fec  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:06:15.0000 0x0fec  Serenum - ok
10:06:15.0031 0x0fec  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:06:15.0031 0x0fec  Serial - ok
10:06:15.0062 0x0fec  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:06:15.0062 0x0fec  sermouse - ok
10:06:15.0109 0x0fec  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:06:15.0125 0x0fec  SessionEnv - ok
10:06:15.0156 0x0fec  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:06:15.0156 0x0fec  sffdisk - ok
10:06:15.0171 0x0fec  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:06:15.0171 0x0fec  sffp_mmc - ok
10:06:15.0187 0x0fec  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:06:15.0187 0x0fec  sffp_sd - ok
10:06:15.0218 0x0fec  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:06:15.0218 0x0fec  sfloppy - ok
10:06:15.0296 0x0fec  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
10:06:15.0327 0x0fec  Sftfs - ok
10:06:15.0390 0x0fec  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:06:15.0421 0x0fec  sftlist - ok
10:06:15.0452 0x0fec  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:06:15.0468 0x0fec  Sftplay - ok
10:06:15.0499 0x0fec  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:06:15.0499 0x0fec  Sftredir - ok
10:06:15.0515 0x0fec  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
10:06:15.0515 0x0fec  Sftvol - ok
10:06:15.0561 0x0fec  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:06:15.0561 0x0fec  sftvsa - ok
10:06:15.0624 0x0fec  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:06:15.0639 0x0fec  SharedAccess - ok
10:06:15.0686 0x0fec  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:06:15.0686 0x0fec  ShellHWDetection - ok
10:06:15.0717 0x0fec  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:06:15.0717 0x0fec  SiSRaid2 - ok
10:06:15.0733 0x0fec  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:06:15.0733 0x0fec  SiSRaid4 - ok
10:06:15.0764 0x0fec  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:06:15.0764 0x0fec  Smb - ok
10:06:15.0795 0x0fec  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:06:15.0811 0x0fec  SNMPTRAP - ok
10:06:15.0811 0x0fec  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:06:15.0811 0x0fec  spldr - ok
10:06:15.0889 0x0fec  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
10:06:15.0920 0x0fec  Spooler - ok
10:06:16.0076 0x0fec  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:06:16.0139 0x0fec  sppsvc - ok
10:06:16.0185 0x0fec  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:06:16.0185 0x0fec  sppuinotify - ok
10:06:16.0310 0x0fec  [ 90EF30C3867BCDE4579C01A6D6E75A7A, 60A02EA23164561E09E783F5AED6016B5E2997667141EB4C7AD0ED64A66C4ADC ] SRTSP           C:\Windows\System32\Drivers\NAVx64\1207010.003\SRTSP64.SYS
10:06:16.0341 0x0fec  SRTSP - ok
10:06:16.0373 0x0fec  [ C513E8A5E7978DA49077F5484344EE1B, EC173DB62B7BADEA5CCB7C13CB46067427A514EA431DFCD124D0833D9E13E094 ] SRTSPX          C:\Windows\system32\drivers\NAVx64\1207010.003\SRTSPX64.SYS
10:06:16.0373 0x0fec  SRTSPX - ok
10:06:16.0435 0x0fec  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:06:16.0466 0x0fec  srv - ok
10:06:16.0497 0x0fec  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:06:16.0529 0x0fec  srv2 - ok
10:06:16.0560 0x0fec  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:06:16.0575 0x0fec  SrvHsfHDA - ok
10:06:16.0653 0x0fec  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:06:16.0763 0x0fec  SrvHsfV92 - ok
10:06:16.0794 0x0fec  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:06:16.0825 0x0fec  SrvHsfWinac - ok
10:06:16.0872 0x0fec  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:06:16.0872 0x0fec  srvnet - ok
10:06:16.0934 0x0fec  [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
10:06:16.0950 0x0fec  ssadbus - ok
10:06:16.0997 0x0fec  [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
10:06:16.0997 0x0fec  ssadmdfl - ok
10:06:17.0012 0x0fec  [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
10:06:17.0028 0x0fec  ssadmdm - ok
10:06:17.0059 0x0fec  [ D33D1BD3EC0E766211A234F56A12726D, 53EEAA94865554F8422D111D717B548DF553B5B8647D2A45F3718BF4AEEBEC27 ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
10:06:17.0059 0x0fec  ssadserd - ok
10:06:17.0106 0x0fec  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:06:17.0106 0x0fec  SSDPSRV - ok
10:06:17.0121 0x0fec  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:06:17.0137 0x0fec  SstpSvc - ok
10:06:17.0153 0x0fec  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:06:17.0153 0x0fec  stexstor - ok
10:06:17.0215 0x0fec  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:06:17.0277 0x0fec  stisvc - ok
10:06:17.0309 0x0fec  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:06:17.0309 0x0fec  swenum - ok
10:06:17.0355 0x0fec  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:06:17.0402 0x0fec  swprv - ok
10:06:17.0480 0x0fec  [ 6160145C7A87FC7672E8E3B886888176, 16B79AD77C53D5CA3125BE45120BD62097975FEF144DBC681FF3C5D76CF3D7D8 ] SymDS           C:\Windows\system32\drivers\NAVx64\1207010.003\SYMDS64.SYS
10:06:17.0511 0x0fec  SymDS - ok
10:06:17.0605 0x0fec  [ 96AEED40D4D3521568B42027687E69E0, 0BF6E20349EBE7AA9F98D3DEB5C86C77C74CA2FEA5F15FF9A278556C09BFC639 ] SymEFA          C:\Windows\system32\drivers\NAVx64\1207010.003\SYMEFA64.SYS
10:06:17.0683 0x0fec  SymEFA - ok
10:06:17.0730 0x0fec  [ 21A1C2D694C3CF962D31F5E873AB3D6F, 4EB997BFF485A708BAD11C0CC53F750B40F968E69B532B5631840D105EC4344C ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:06:17.0745 0x0fec  SymEvent - ok
10:06:17.0777 0x0fec  [ BD0D711D8CBFCAA19CA123306EAF53A5, 89E76A0BA4C3EF43FE8BF7AD075E4311CF08CEA460B2352C06497BBEC7198849 ] SymIRON         C:\Windows\system32\drivers\NAVx64\1207010.003\Ironx64.SYS
10:06:17.0792 0x0fec  SymIRON - ok
10:06:17.0808 0x0fec  [ A6ADB3D83023F8DAA0F7B6FDA785D83B, 036A355654D2779FF930F863760D9877298D11CFA7DDCFEEFBF44D9466E28598 ] SymNetS         C:\Windows\System32\Drivers\NAVx64\1207010.003\SYMNETS.SYS
10:06:17.0839 0x0fec  SymNetS - ok
10:06:17.0917 0x0fec  [ 961CFAC2A5318E212F459D651F28E0A4, 4FA1C9E3BD527E3B5AE9268955C48FDE8E75F33C333DC0AE768DAFE1F49D0B1B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:06:18.0011 0x0fec  SynTP - ok
10:06:18.0135 0x0fec  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:06:18.0245 0x0fec  SysMain - ok
10:06:18.0276 0x0fec  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:06:18.0276 0x0fec  TabletInputService - ok
10:06:18.0323 0x0fec  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
10:06:18.0323 0x0fec  tap0901 - ok
10:06:18.0338 0x0fec  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:06:18.0354 0x0fec  TapiSrv - ok
10:06:18.0369 0x0fec  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:06:18.0369 0x0fec  TBS - ok
10:06:18.0494 0x0fec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:06:18.0572 0x0fec  Tcpip - ok
10:06:18.0650 0x0fec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:06:18.0681 0x0fec  TCPIP6 - ok
10:06:18.0713 0x0fec  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:06:18.0728 0x0fec  tcpipreg - ok
10:06:18.0744 0x0fec  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:06:18.0759 0x0fec  TDPIPE - ok
10:06:18.0791 0x0fec  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:06:18.0791 0x0fec  TDTCP - ok
10:06:18.0822 0x0fec  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:06:18.0822 0x0fec  tdx - ok
10:06:18.0869 0x0fec  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:06:18.0869 0x0fec  TermDD - ok
10:06:18.0931 0x0fec  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
10:06:18.0947 0x0fec  TermService - ok
10:06:18.0978 0x0fec  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:06:18.0978 0x0fec  Themes - ok
10:06:19.0009 0x0fec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:06:19.0009 0x0fec  THREADORDER - ok
10:06:19.0040 0x0fec  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:06:19.0040 0x0fec  TrkWks - ok
10:06:19.0118 0x0fec  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:06:19.0118 0x0fec  TrustedInstaller - ok
10:06:19.0149 0x0fec  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:06:19.0165 0x0fec  tssecsrv - ok
10:06:19.0212 0x0fec  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:06:19.0212 0x0fec  TsUsbFlt - ok
10:06:19.0259 0x0fec  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:06:19.0274 0x0fec  tunnel - ok
10:06:19.0305 0x0fec  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:06:19.0305 0x0fec  uagp35 - ok
10:06:19.0352 0x0fec  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:06:19.0368 0x0fec  udfs - ok
10:06:19.0399 0x0fec  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:06:19.0415 0x0fec  UI0Detect - ok
10:06:19.0446 0x0fec  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:06:19.0461 0x0fec  uliagpkx - ok
10:06:19.0493 0x0fec  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
10:06:19.0493 0x0fec  umbus - ok
10:06:19.0524 0x0fec  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:06:19.0524 0x0fec  UmPass - ok
10:06:19.0680 0x0fec  [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:06:19.0727 0x0fec  UNS - ok
10:06:19.0758 0x0fec  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:06:19.0773 0x0fec  upnphost - ok
10:06:19.0805 0x0fec  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:06:19.0820 0x0fec  usbccgp - ok
10:06:19.0867 0x0fec  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:06:19.0867 0x0fec  usbcir - ok
10:06:19.0914 0x0fec  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:06:19.0914 0x0fec  usbehci - ok
10:06:19.0961 0x0fec  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:06:19.0976 0x0fec  usbhub - ok
10:06:20.0007 0x0fec  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:06:20.0007 0x0fec  usbohci - ok
10:06:20.0054 0x0fec  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:06:20.0054 0x0fec  usbprint - ok
10:06:20.0085 0x0fec  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
10:06:20.0085 0x0fec  usbscan - ok
10:06:20.0117 0x0fec  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:06:20.0132 0x0fec  USBSTOR - ok
10:06:20.0179 0x0fec  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:06:20.0179 0x0fec  usbuhci - ok
10:06:20.0210 0x0fec  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:06:20.0226 0x0fec  usbvideo - ok
10:06:20.0241 0x0fec  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:06:20.0257 0x0fec  UxSms - ok
10:06:20.0273 0x0fec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
10:06:20.0273 0x0fec  VaultSvc - ok
10:06:20.0304 0x0fec  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:06:20.0319 0x0fec  vdrvroot - ok
10:06:20.0382 0x0fec  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:06:20.0413 0x0fec  vds - ok
10:06:20.0444 0x0fec  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:06:20.0460 0x0fec  vga - ok
10:06:20.0475 0x0fec  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:06:20.0475 0x0fec  VgaSave - ok
10:06:20.0507 0x0fec  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:06:20.0522 0x0fec  vhdmp - ok
10:06:20.0538 0x0fec  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:06:20.0538 0x0fec  viaide - ok
10:06:20.0553 0x0fec  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:06:20.0553 0x0fec  volmgr - ok
10:06:20.0600 0x0fec  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:06:20.0616 0x0fec  volmgrx - ok
10:06:20.0647 0x0fec  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:06:20.0663 0x0fec  volsnap - ok
10:06:20.0694 0x0fec  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:06:20.0709 0x0fec  vsmraid - ok
10:06:20.0803 0x0fec  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:06:20.0912 0x0fec  VSS - ok
10:06:20.0975 0x0fec  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:06:20.0975 0x0fec  vwifibus - ok
10:06:21.0006 0x0fec  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:06:21.0006 0x0fec  vwififlt - ok
10:06:21.0037 0x0fec  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:06:21.0037 0x0fec  vwifimp - ok
10:06:21.0084 0x0fec  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:06:21.0099 0x0fec  W32Time - ok
10:06:21.0115 0x0fec  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:06:21.0115 0x0fec  WacomPen - ok
10:06:21.0162 0x0fec  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:06:21.0162 0x0fec  WANARP - ok
10:06:21.0177 0x0fec  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:06:21.0177 0x0fec  Wanarpv6 - ok
10:06:21.0271 0x0fec  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
10:06:21.0333 0x0fec  WatAdminSvc - ok
10:06:21.0427 0x0fec  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:06:21.0489 0x0fec  wbengine - ok
10:06:21.0536 0x0fec  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:06:21.0536 0x0fec  WbioSrvc - ok
10:06:21.0583 0x0fec  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:06:21.0614 0x0fec  wcncsvc - ok
10:06:21.0630 0x0fec  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:06:21.0630 0x0fec  WcsPlugInService - ok
10:06:21.0645 0x0fec  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:06:21.0645 0x0fec  Wd - ok
10:06:21.0723 0x0fec  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:06:21.0770 0x0fec  Wdf01000 - ok
10:06:21.0801 0x0fec  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:06:21.0801 0x0fec  WdiServiceHost - ok
10:06:21.0817 0x0fec  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:06:21.0817 0x0fec  WdiSystemHost - ok
10:06:21.0848 0x0fec  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:06:21.0864 0x0fec  WebClient - ok
10:06:21.0879 0x0fec  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:06:21.0895 0x0fec  Wecsvc - ok
10:06:21.0911 0x0fec  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:06:21.0911 0x0fec  wercplsupport - ok
10:06:21.0942 0x0fec  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:06:21.0942 0x0fec  WerSvc - ok
10:06:21.0957 0x0fec  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:06:21.0973 0x0fec  WfpLwf - ok
10:06:21.0989 0x0fec  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:06:21.0989 0x0fec  WIMMount - ok
10:06:22.0035 0x0fec  WinDefend - ok
10:06:22.0051 0x0fec  WinHttpAutoProxySvc - ok
10:06:22.0098 0x0fec  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:06:22.0129 0x0fec  Winmgmt - ok
10:06:22.0254 0x0fec  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:06:22.0347 0x0fec  WinRM - ok
10:06:22.0394 0x0fec  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:06:22.0410 0x0fec  WinUsb - ok
10:06:22.0457 0x0fec  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:06:22.0503 0x0fec  Wlansvc - ok
10:06:22.0644 0x0fec  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:06:22.0769 0x0fec  wlidsvc - ok
10:06:22.0800 0x0fec  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:06:22.0800 0x0fec  WmiAcpi - ok
10:06:22.0831 0x0fec  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:06:22.0831 0x0fec  wmiApSrv - ok
10:06:22.0847 0x0fec  WMPNetworkSvc - ok
10:06:22.0878 0x0fec  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:06:22.0878 0x0fec  WPCSvc - ok
10:06:22.0925 0x0fec  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:06:22.0940 0x0fec  WPDBusEnum - ok
10:06:22.0956 0x0fec  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:06:22.0956 0x0fec  ws2ifsl - ok
10:06:23.0034 0x0fec  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
10:06:23.0034 0x0fec  wscsvc - ok
10:06:23.0049 0x0fec  WSearch - ok
10:06:23.0205 0x0fec  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:06:23.0252 0x0fec  wuauserv - ok
10:06:23.0283 0x0fec  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:06:23.0299 0x0fec  WudfPf - ok
10:06:23.0315 0x0fec  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:06:23.0330 0x0fec  WUDFRd - ok
10:06:23.0346 0x0fec  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:06:23.0346 0x0fec  wudfsvc - ok
10:06:23.0393 0x0fec  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:06:23.0393 0x0fec  WwanSvc - ok
10:06:23.0439 0x0fec  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
10:06:23.0455 0x0fec  yukonw7 - ok
10:06:23.0486 0x0fec  ================ Scan global ===============================
10:06:23.0502 0x0fec  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:06:23.0533 0x0fec  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:06:23.0549 0x0fec  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:06:23.0580 0x0fec  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:06:23.0642 0x0fec  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:06:23.0658 0x0fec  [ Global ] - ok
10:06:23.0658 0x0fec  ================ Scan MBR ==================================
10:06:23.0673 0x0fec  [ 11F1D966A89457DB14CCEEE338B7B92B ] \Device\Harddisk0\DR0
10:06:24.0032 0x0fec  \Device\Harddisk0\DR0 - ok
10:06:24.0032 0x0fec  ================ Scan VBR ==================================
10:06:24.0048 0x0fec  [ 47E942E9F524468B68CA6E36D5224814 ] \Device\Harddisk0\DR0\Partition1
10:06:24.0048 0x0fec  \Device\Harddisk0\DR0\Partition1 - ok
10:06:24.0048 0x0fec  [ EB700DFC7BFACE117DD991097CD21635 ] \Device\Harddisk0\DR0\Partition2
10:06:24.0063 0x0fec  \Device\Harddisk0\DR0\Partition2 - ok
10:06:24.0063 0x0fec  [ 5CEF4E213A0344372C3C83BF5E37BD67 ] \Device\Harddisk0\DR0\Partition3
10:06:24.0063 0x0fec  \Device\Harddisk0\DR0\Partition3 - ok
10:06:24.0063 0x0fec  [ 7D1F437D2123E0AA7C3F027A78F3B1BA ] \Device\Harddisk0\DR0\Partition4
10:06:24.0063 0x0fec  \Device\Harddisk0\DR0\Partition4 - ok
10:06:24.0063 0x0fec  ================ Scan generic autorun ======================
10:06:24.0063 0x0fec  SynTPEnh - ok
10:06:24.0110 0x0fec  [ A0ABBAD8CE99CBF8467D697073B38E87, C71F58580D93F0B78BDA735DA6201A6F1BDA36CC9F72D15B4E6DD62D6C3A43D0 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
10:06:24.0126 0x0fec  HPWirelessAssistant - ok
10:06:24.0126 0x0fec  IgfxTray - ok
10:06:24.0157 0x0fec  [ A9E978F3CFD796B7A7EB989CE4728371, 9F150A9689B36354BD27F516EF2F6B29C4A473296F9A8035901F37A6EF008FA0 ] C:\Windows\system32\hkcmd.exe
10:06:24.0173 0x0fec  HotKeysCmds - ok
10:06:24.0188 0x0fec  [ AEF4B45370DBCF56C29A92F612DDB2E7, DFDEB8FC5136A97DB1A0E459B096D0C554812786FAB40DB9E2E59E5CCFEE3E7C ] C:\Windows\system32\igfxpers.exe
10:06:24.0188 0x0fec  Persistence - ok
10:06:24.0313 0x0fec  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
10:06:24.0313 0x0fec  NCPluginUpdater - ok
10:06:24.0313 0x0fec  Waiting for KSN requests completion. In queue: 92
10:06:25.0327 0x0fec  Waiting for KSN requests completion. In queue: 92
10:06:26.0341 0x0fec  Waiting for KSN requests completion. In queue: 92
10:06:27.0589 0x0fec  AV detected via SS2: Norton AntiVirus, C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\WSCStub.exe ( 18.7.0.0 ), 0x50010 ( disabled : outofdate )
10:06:27.0667 0x0fec  Win FW state via NFP2: enabled
10:06:30.0319 0x0fec  ============================================================
10:06:30.0319 0x0fec  Scan finished
10:06:30.0319 0x0fec  ============================================================
10:06:30.0350 0x1418  Detected object count: 0
10:06:30.0350 0x1418  Actual detected object count: 0
10:10:22.0393 0x178c  Deinitialize success
 

aswMBR

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-10-10 10:16:51
-----------------------------
10:16:51.324    OS Version: Windows x64 6.1.7601 Service Pack 1
10:16:51.324    Number of processors: 4 586 0x2505
10:16:51.340    ComputerName: LILY  UserName:
10:16:52.728    Initialize success
10:16:52.728    VM: initialized successfully
10:16:52.728    VM: Intel CPU BiosDisabled
10:16:58.998    VM: not used
10:22:54.571    AVAST engine defs: 14101000
10:24:11.203    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:24:11.203    Disk 0 Vendor: ST950032 0005 Size: 476940MB BusType: 3
10:24:11.328    Disk 0 MBR read successfully
10:24:11.328    Disk 0 MBR scan
10:24:11.359    Disk 0 unknown MBR code
10:24:11.390    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
10:24:11.406    Disk 0 default boot code
10:24:11.406    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       457126 MB offset 409600
10:24:11.452    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        19510 MB offset 936603648
10:24:11.484    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0      103 MB offset 976560128
10:24:11.640    Disk 0 scanning C:\Windows\system32\drivers
10:24:26.007    Service scanning
10:24:55.569    Modules scanning
10:24:55.569    Disk 0 trace - called modules:
10:24:55.647    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:24:55.663    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bd6790]
10:24:55.663    3 CLASSPNP.SYS[fffff88001d2643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004960050]
10:24:57.285    AVAST engine scan C:\Windows
10:25:00.156    AVAST engine scan C:\Windows\system32
10:28:55.435    AVAST engine scan C:\Windows\system32\drivers
10:29:18.539    AVAST engine scan C:\Users\Peggy
10:31:35.367    File: C:\Users\Peggy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FD8M9UV0\flv_installer (1).exe  **INFECTED** Win32:Adware-gen [Adw]
10:31:35.523    File: C:\Users\Peggy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FD8M9UV0\flv_installer.exe  **INFECTED** Win32:Adware-gen [Adw]
10:35:08.448    Disk 0 MBR has been saved successfully to "C:\Users\Peggy\Desktop\MBR.dat"
10:35:08.463    The log file has been saved successfully to "C:\Users\Peggy\Desktop\aswMBR.txt"

 



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:29 AM

Posted 10 October 2014 - 02:30 PM

Good Peggy, almost done

Re-Run aswMBR
  • Click Scan
  • On completion of the scan, click the FIXMBR or FIX button if available
  • There is a slight pause after clicking the 'FIXMBR' button.
  • Wait for the tool to report 'Infection fixed successfully', now reboot the machine.
  • Rebooting the machine prematurely, before seeing this line will result in an incomplete fix.

Note:After the 'Infection fixed successfully' message appears, the machine may became unresponsive. You may have to do a hard boot of your machine. That may be a side effect from the fix. All will be well after the reboot.

  • Save the log as before and post in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 psiegel

psiegel
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:03:29 AM

Posted 11 October 2014 - 04:46 AM

Hi,

I ran aswMBR three times and after reaching a certain point I receive this message:

 

avast! Antirootkit has stopped working

A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available.



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:29 AM

Posted 11 October 2014 - 08:10 PM

Ok,,, There is an infection in there and we need a deeper look to get it out. Make a new topic "stubborn Infection."

Include the ASW log above and the DDS log from here.

Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 psiegel

psiegel
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:03:29 AM

Posted 11 October 2014 - 11:03 PM

Hello,

I did not have any problems running the requested tools and created the new topic in  Virus, Trojan, Spyware, and Malware Removal Logs forum.



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:29 AM

Posted 12 October 2014 - 11:39 AM

Thank you

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 5 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users