Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet Explorer keeps on showing up on Task Manager


  • Please log in to reply
25 replies to this topic

#1 Michirin

Michirin

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 29 December 2014 - 01:58 AM

I'm trying to remove it by ending its process but then iexplorer.exe just keeps on showing up from time to time. Moreover, it uses up a lot of memory and then eventually slows my computer down. I have to end its process so that the computer can function faster. I scanned the computer using Bitdefender Total Security 2015, but it found nothing. The log will be posted below. Help needed. D: Thanks so much!

Attached Files


Edited by hamluis, 29 December 2014 - 01:20 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:27 PM

Posted 29 December 2014 - 06:31 PM

Welcome aboard p22002758.gif

 

Download TDSSKiller and save it to your desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Michirin

Michirin
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 29 December 2014 - 09:54 PM

Thank you :D

It says "No threats found". Here's the report:

 

10:47:02.0548 0x09dc  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
10:47:13.0627 0x09dc  ============================================================
10:47:13.0627 0x09dc  Current date / time: 2014/12/30 10:47:13.0627
10:47:13.0627 0x09dc  SystemInfo:
10:47:13.0627 0x09dc  
10:47:13.0627 0x09dc  OS Version: 6.1.7601 ServicePack: 1.0
10:47:13.0627 0x09dc  Product type: Workstation
10:47:13.0627 0x09dc  ComputerName: MEYNARD-PC
10:47:13.0627 0x09dc  UserName: Meynard
10:47:13.0627 0x09dc  Windows directory: C:\Windows
10:47:13.0627 0x09dc  System windows directory: C:\Windows
10:47:13.0627 0x09dc  Running under WOW64
10:47:13.0627 0x09dc  Processor architecture: Intel x64
10:47:13.0627 0x09dc  Number of processors: 2
10:47:13.0627 0x09dc  Page size: 0x1000
10:47:13.0627 0x09dc  Boot type: Normal boot
10:47:13.0627 0x09dc  ============================================================
10:47:16.0066 0x09dc  KLMD registered as C:\Windows\system32\drivers\03547479.sys
10:47:16.0567 0x09dc  System UUID: {1EC14B52-377E-87E7-2BEB-A3C1F0750377}
10:47:17.0887 0x09dc  Drive \Device\Harddisk0\DR0 - Size: 0x12A1E0DE00 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:47:17.0942 0x09dc  ============================================================
10:47:17.0942 0x09dc  \Device\Harddisk0\DR0:
10:47:17.0981 0x09dc  MBR partitions:
10:47:17.0981 0x09dc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
10:47:17.0981 0x09dc  ============================================================
10:47:17.0997 0x09dc  C: <-> \Device\Harddisk0\DR0\Partition1
10:47:17.0997 0x09dc  ============================================================
10:47:17.0997 0x09dc  Initialize success
10:47:17.0997 0x09dc  ============================================================
10:47:25.0262 0x0f80  ============================================================
10:47:25.0262 0x0f80  Scan started
10:47:25.0262 0x0f80  Mode: Manual;
10:47:25.0262 0x0f80  ============================================================
10:47:25.0262 0x0f80  KSN ping started
10:47:28.0614 0x0f80  KSN ping finished: true
10:47:31.0231 0x0f80  ================ Scan system memory ========================
10:47:31.0231 0x0f80  System memory - ok
10:47:31.0231 0x0f80  ================ Scan services =============================
10:47:31.0434 0x0f80  1394hub - ok
10:47:31.0551 0x0f80  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:47:31.0567 0x0f80  1394ohci - ok
10:47:31.0700 0x0f80  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:47:31.0723 0x0f80  ACPI - ok
10:47:31.0809 0x0f80  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:47:31.0848 0x0f80  AcpiPmi - ok
10:47:32.0043 0x0f80  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:47:32.0051 0x0f80  AdobeARMservice - ok
10:47:32.0551 0x0f80  [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:47:32.0661 0x0f80  AdobeFlashPlayerUpdateSvc - ok
10:47:32.0739 0x0f80  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:47:32.0778 0x0f80  adp94xx - ok
10:47:32.0848 0x0f80  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:47:32.0981 0x0f80  adpahci - ok
10:47:33.0028 0x0f80  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:47:33.0043 0x0f80  adpu320 - ok
10:47:33.0083 0x0f80  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:47:33.0090 0x0f80  AeLookupSvc - ok
10:47:33.0168 0x0f80  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
10:47:33.0247 0x0f80  AFD - ok
10:47:33.0348 0x0f80  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
10:47:33.0450 0x0f80  AgereSoftModem - ok
10:47:33.0512 0x0f80  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:47:33.0520 0x0f80  agp440 - ok
10:47:33.0583 0x0f80  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:47:33.0590 0x0f80  ALG - ok
10:47:33.0645 0x0f80  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:47:33.0653 0x0f80  aliide - ok
10:47:33.0668 0x0f80  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:47:33.0676 0x0f80  amdide - ok
10:47:33.0731 0x0f80  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:47:33.0739 0x0f80  AmdK8 - ok
10:47:33.0747 0x0f80  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:47:33.0754 0x0f80  AmdPPM - ok
10:47:33.0825 0x0f80  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:47:33.0833 0x0f80  amdsata - ok
10:47:33.0887 0x0f80  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:47:33.0918 0x0f80  amdsbs - ok
10:47:33.0973 0x0f80  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:47:33.0981 0x0f80  amdxata - ok
10:47:34.0043 0x0f80  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:47:34.0051 0x0f80  AppID - ok
10:47:34.0075 0x0f80  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:47:34.0083 0x0f80  AppIDSvc - ok
10:47:34.0154 0x0f80  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
10:47:34.0154 0x0f80  Appinfo - ok
10:47:34.0349 0x0f80  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:47:34.0396 0x0f80  Apple Mobile Device - ok
10:47:34.0458 0x0f80  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:47:34.0474 0x0f80  arc - ok
10:47:34.0537 0x0f80  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:47:34.0576 0x0f80  arcsas - ok
10:47:34.0740 0x0f80  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:47:34.0896 0x0f80  aspnet_state - ok
10:47:34.0935 0x0f80  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:47:34.0943 0x0f80  AsyncMac - ok
10:47:34.0998 0x0f80  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:47:35.0005 0x0f80  atapi - ok
10:47:35.0091 0x0f80  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:47:35.0123 0x0f80  AudioEndpointBuilder - ok
10:47:35.0154 0x0f80  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:47:35.0169 0x0f80  AudioSrv - ok
10:47:35.0294 0x0f80  [ 70CCDD9BCBAA5A918A7D135E28A824E2, D98A6D7885A7E44AD32F25BECE65151773E50D3B155020A03A5801DE5A090EA3 ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
10:47:35.0373 0x0f80  avc3 - ok
10:47:35.0435 0x0f80  [ D0B093DDF5FD05E4D0109159E9153A52, 2F8430F4B7EECB3C9712E443460F1F9B4FA52EB123FE3B0ED63AAD88616C13A4 ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
10:47:35.0498 0x0f80  avchv - ok
10:47:35.0552 0x0f80  [ 0956716D5565680DC83992C11BBDB2C2, 7349F32F3E8596E680EE26BB1CA97AFADB42ED1B4652859CE5E221F67371B412 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
10:47:35.0576 0x0f80  avckf - ok
10:47:35.0638 0x0f80  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:47:35.0646 0x0f80  AxInstSV - ok
10:47:35.0716 0x0f80  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:47:35.0771 0x0f80  b06bdrv - ok
10:47:35.0841 0x0f80  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:47:35.0873 0x0f80  b57nd60a - ok
10:47:36.0099 0x0f80  [ 1E20AEB58EB2D2DF3D43E255771079D7, EE2EA1B03550ADFCE940FA1BBD818A3BFA8DCB00CDA1D654E10F701A0C10E23C ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe
10:47:36.0107 0x0f80  BdDesktopParental - ok
10:47:36.0154 0x0f80  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:47:36.0162 0x0f80  BDESVC - ok
10:47:36.0310 0x0f80  [ 3533B749563E89EFAC7290A2BA3B4097, 1A1AB9D02EF729A622B2C2ECF788FD5DEC11A078C71CD31581D9F610D0050591 ] BdfNdisf        c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
10:47:36.0373 0x0f80  BdfNdisf - ok
10:47:36.0466 0x0f80  [ EC80614A72BC7039D2B22E3DD6C15895, 932260AB126523428B884034162E3619E1B7FA13720F830783B592AAE825AC86 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
10:47:36.0474 0x0f80  bdfwfpf - ok
10:47:36.0591 0x0f80  [ C0247341C1BCD7FF2742821D0AD7AFBC, EC2B246F3233302DB540394AC0F11F294CA16FB9E44110126CC9807BAC20EA35 ] bdfwfpf_pc      C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys
10:47:36.0607 0x0f80  bdfwfpf_pc - ok
10:47:36.0630 0x0f80  [ 9FDA6E9379C3434625B06B192E37C1B6, 16CD466FB3A676E271D8498E4704BA4A2F6C162723D8D264FC7717CCFED3AEA6 ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
10:47:36.0646 0x0f80  BDSandBox - ok
10:47:36.0693 0x0f80  [ 50F796CB1E8C80F3D19435CB50C3DAB5, 20CE5C1242F8D0DFEE13C8D07EF1A67F670A078BA44E810A3A042C6A060FACC9 ] BDVEDISK        C:\Windows\system32\DRIVERS\bdvedisk.sys
10:47:36.0701 0x0f80  BDVEDISK - ok
10:47:36.0740 0x0f80  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:47:36.0748 0x0f80  Beep - ok
10:47:36.0841 0x0f80  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:47:36.0880 0x0f80  BFE - ok
10:47:36.0966 0x0f80  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:47:37.0068 0x0f80  BITS - ok
10:47:37.0123 0x0f80  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:47:37.0130 0x0f80  blbdrive - ok
10:47:37.0208 0x0f80  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:47:37.0240 0x0f80  Bonjour Service - ok
10:47:37.0294 0x0f80  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:47:37.0302 0x0f80  bowser - ok
10:47:37.0333 0x0f80  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:47:37.0341 0x0f80  BrFiltLo - ok
10:47:37.0349 0x0f80  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:47:37.0349 0x0f80  BrFiltUp - ok
10:47:37.0419 0x0f80  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:47:37.0427 0x0f80  Browser - ok
10:47:37.0466 0x0f80  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:47:37.0521 0x0f80  Brserid - ok
10:47:37.0552 0x0f80  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:47:37.0576 0x0f80  BrSerWdm - ok
10:47:37.0583 0x0f80  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:47:37.0591 0x0f80  BrUsbMdm - ok
10:47:37.0615 0x0f80  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:47:37.0623 0x0f80  BrUsbSer - ok
10:47:37.0630 0x0f80  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:47:37.0654 0x0f80  BTHMODEM - ok
10:47:37.0693 0x0f80  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:47:37.0701 0x0f80  bthserv - ok
10:47:37.0748 0x0f80  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:47:37.0763 0x0f80  cdfs - ok
10:47:37.0833 0x0f80  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:47:37.0888 0x0f80  cdrom - ok
10:47:37.0958 0x0f80  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:47:37.0966 0x0f80  CertPropSvc - ok
10:47:38.0029 0x0f80  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:47:38.0037 0x0f80  circlass - ok
10:47:38.0076 0x0f80  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:47:38.0107 0x0f80  CLFS - ok
10:47:38.0169 0x0f80  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:47:38.0248 0x0f80  clr_optimization_v2.0.50727_32 - ok
10:47:38.0302 0x0f80  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:47:38.0349 0x0f80  clr_optimization_v2.0.50727_64 - ok
10:47:38.0521 0x0f80  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:47:38.0943 0x0f80  clr_optimization_v4.0.30319_32 - ok
10:47:39.0013 0x0f80  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:47:39.0208 0x0f80  clr_optimization_v4.0.30319_64 - ok
10:47:39.0263 0x0f80  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:47:39.0271 0x0f80  CmBatt - ok
10:47:39.0333 0x0f80  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:47:39.0341 0x0f80  cmdide - ok
10:47:39.0404 0x0f80  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:47:39.0427 0x0f80  CNG - ok
10:47:39.0458 0x0f80  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:47:39.0466 0x0f80  Compbatt - ok
10:47:39.0521 0x0f80  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:47:39.0529 0x0f80  CompositeBus - ok
10:47:39.0568 0x0f80  COMSysApp - ok
10:47:39.0623 0x0f80  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:47:39.0630 0x0f80  crcdisk - ok
10:47:39.0724 0x0f80  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:47:39.0732 0x0f80  CryptSvc - ok
10:47:39.0826 0x0f80  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:47:39.0857 0x0f80  DcomLaunch - ok
10:47:39.0927 0x0f80  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:47:39.0990 0x0f80  defragsvc - ok
10:47:40.0060 0x0f80  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:47:40.0123 0x0f80  DfsC - ok
10:47:40.0193 0x0f80  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:47:40.0208 0x0f80  Dhcp - ok
10:47:40.0240 0x0f80  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:47:40.0248 0x0f80  discache - ok
10:47:40.0302 0x0f80  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:47:40.0310 0x0f80  Disk - ok
10:47:40.0380 0x0f80  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:47:40.0388 0x0f80  Dnscache - ok
10:47:40.0466 0x0f80  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:47:40.0482 0x0f80  dot3svc - ok
10:47:40.0560 0x0f80  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
10:47:40.0576 0x0f80  Dot4 - ok
10:47:40.0646 0x0f80  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
10:47:40.0646 0x0f80  Dot4Print - ok
10:47:40.0669 0x0f80  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
10:47:40.0677 0x0f80  dot4usb - ok
10:47:40.0740 0x0f80  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:47:40.0755 0x0f80  DPS - ok
10:47:40.0818 0x0f80  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:47:40.0826 0x0f80  drmkaud - ok
10:47:40.0919 0x0f80  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:47:41.0037 0x0f80  DXGKrnl - ok
10:47:41.0099 0x0f80  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:47:41.0130 0x0f80  EapHost - ok
10:47:41.0294 0x0f80  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:47:41.0466 0x0f80  ebdrv - ok
10:47:41.0529 0x0f80  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
10:47:41.0537 0x0f80  EFS - ok
10:47:41.0623 0x0f80  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:47:41.0677 0x0f80  elxstor - ok
10:47:41.0732 0x0f80  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:47:41.0732 0x0f80  ErrDev - ok
10:47:41.0826 0x0f80  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:47:41.0841 0x0f80  EventSystem - ok
10:47:41.0873 0x0f80  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:47:41.0880 0x0f80  exfat - ok
10:47:41.0919 0x0f80  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:47:41.0951 0x0f80  fastfat - ok
10:47:42.0044 0x0f80  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:47:42.0076 0x0f80  Fax - ok
10:47:42.0099 0x0f80  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:47:42.0099 0x0f80  fdc - ok
10:47:42.0130 0x0f80  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:47:42.0130 0x0f80  fdPHost - ok
10:47:42.0155 0x0f80  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:47:42.0155 0x0f80  FDResPub - ok
10:47:42.0217 0x0f80  [ ECCE54654A19F6CC5E526696680C1827, 1EEF3FD046D0D7E4756563919D2BFEFB79E1B738F7BD08E5FFFD413524CEA586 ] FETNDIS         C:\Windows\system32\DRIVERS\fet6x64.sys
10:47:42.0217 0x0f80  FETNDIS - ok
10:47:42.0249 0x0f80  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:47:42.0256 0x0f80  FileInfo - ok
10:47:42.0272 0x0f80  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:47:42.0280 0x0f80  Filetrace - ok
10:47:42.0303 0x0f80  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:47:42.0311 0x0f80  flpydisk - ok
10:47:42.0381 0x0f80  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:47:42.0397 0x0f80  FltMgr - ok
10:47:42.0506 0x0f80  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:47:42.0569 0x0f80  FontCache - ok
10:47:42.0647 0x0f80  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:47:42.0655 0x0f80  FontCache3.0.0.0 - ok
10:47:42.0686 0x0f80  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:47:42.0694 0x0f80  FsDepends - ok
10:47:42.0749 0x0f80  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:47:42.0756 0x0f80  Fs_Rec - ok
10:47:42.0827 0x0f80  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:47:42.0889 0x0f80  fvevol - ok
10:47:42.0936 0x0f80  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:47:42.0944 0x0f80  gagp30kx - ok
10:47:42.0999 0x0f80  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:47:43.0006 0x0f80  GEARAspiWDM - ok
10:47:43.0100 0x0f80  [ A1F556318931B9EA276F4E2DA2C1791C, 1E5564A9B213689C56BFBBEC1A7BBFAD78DF1FB55422171C0680935338C5DE57 ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
10:47:43.0108 0x0f80  ggflt - ok
10:47:43.0178 0x0f80  [ 7F56A3E09A6AD40B07E4EFAD34A40A18, E0EC4293035162E9EFA89A45FFF26B5BC829F7BB7F4D2D5A2CAA5E88AC6DC0C9 ] ggsomc          C:\Windows\system32\DRIVERS\ggsomc.sys
10:47:43.0186 0x0f80  ggsomc - ok
10:47:43.0272 0x0f80  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:47:43.0319 0x0f80  gpsvc - ok
10:47:43.0397 0x0f80  [ C8B54E81501386A91B0E0BD596965C9B, DC2580D45BA96C81C0BC005781BBB5E70652A1CAA637FE1B779AB538B040BB97 ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
10:47:43.0413 0x0f80  gzflt - ok
10:47:43.0444 0x0f80  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:47:43.0452 0x0f80  hcw85cir - ok
10:47:43.0530 0x0f80  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:47:43.0553 0x0f80  HdAudAddService - ok
10:47:43.0631 0x0f80  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:47:43.0639 0x0f80  HDAudBus - ok
10:47:43.0686 0x0f80  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:47:43.0694 0x0f80  HidBatt - ok
10:47:43.0725 0x0f80  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:47:43.0733 0x0f80  HidBth - ok
10:47:43.0772 0x0f80  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:47:43.0780 0x0f80  HidIr - ok
10:47:43.0834 0x0f80  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:47:43.0842 0x0f80  hidserv - ok
10:47:43.0905 0x0f80  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:47:43.0905 0x0f80  HidUsb - ok
10:47:43.0975 0x0f80  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:47:43.0983 0x0f80  hkmsvc - ok
10:47:44.0061 0x0f80  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:47:44.0084 0x0f80  HomeGroupListener - ok
10:47:44.0147 0x0f80  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:47:44.0164 0x0f80  HomeGroupProvider - ok
10:47:44.0234 0x0f80  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:47:44.0250 0x0f80  HpSAMD - ok
10:47:44.0335 0x0f80  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:47:44.0375 0x0f80  HTTP - ok
10:47:44.0429 0x0f80  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:47:44.0437 0x0f80  hwpolicy - ok
10:47:44.0476 0x0f80  hxsyol - ok
10:47:44.0546 0x0f80  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:47:44.0562 0x0f80  i8042prt - ok
10:47:44.0625 0x0f80  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:47:44.0664 0x0f80  iaStorV - ok
10:47:44.0773 0x0f80  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:47:44.0890 0x0f80  idsvc - ok
10:47:44.0937 0x0f80  IEEtwCollectorService - ok
10:47:45.0093 0x0f80  IePluginServices - ok
10:47:45.0148 0x0f80  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:47:45.0148 0x0f80  iirsp - ok
10:47:45.0242 0x0f80  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:47:45.0289 0x0f80  IKEEXT - ok
10:47:45.0320 0x0f80  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:47:45.0328 0x0f80  intelide - ok
10:47:45.0375 0x0f80  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:47:45.0382 0x0f80  intelppm - ok
10:47:45.0414 0x0f80  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:47:45.0429 0x0f80  IPBusEnum - ok
10:47:45.0484 0x0f80  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:47:45.0500 0x0f80  IpFilterDriver - ok
10:47:45.0585 0x0f80  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:47:45.0601 0x0f80  iphlpsvc - ok
10:47:45.0664 0x0f80  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:47:45.0671 0x0f80  IPMIDRV - ok
10:47:45.0710 0x0f80  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:47:45.0750 0x0f80  IPNAT - ok
10:47:45.0859 0x0f80  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:47:45.0898 0x0f80  iPod Service - ok
10:47:45.0953 0x0f80  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:47:45.0960 0x0f80  IRENUM - ok
10:47:46.0007 0x0f80  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:47:46.0007 0x0f80  isapnp - ok
10:47:46.0078 0x0f80  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:47:46.0109 0x0f80  iScsiPrt - ok
10:47:46.0156 0x0f80  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:47:46.0171 0x0f80  kbdclass - ok
10:47:46.0226 0x0f80  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:47:46.0234 0x0f80  kbdhid - ok
10:47:46.0250 0x0f80  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
10:47:46.0250 0x0f80  KeyIso - ok
10:47:46.0304 0x0f80  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:47:46.0312 0x0f80  KSecDD - ok
10:47:46.0335 0x0f80  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:47:46.0335 0x0f80  KSecPkg - ok
10:47:46.0398 0x0f80  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:47:46.0406 0x0f80  ksthunk - ok
10:47:46.0445 0x0f80  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:47:46.0468 0x0f80  KtmRm - ok
10:47:46.0546 0x0f80  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:47:46.0562 0x0f80  LanmanServer - ok
10:47:46.0625 0x0f80  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:47:46.0632 0x0f80  LanmanWorkstation - ok
10:47:46.0703 0x0f80  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:47:46.0710 0x0f80  lltdio - ok
10:47:46.0750 0x0f80  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:47:46.0781 0x0f80  lltdsvc - ok
10:47:46.0796 0x0f80  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:47:46.0804 0x0f80  lmhosts - ok
10:47:46.0867 0x0f80  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:47:46.0875 0x0f80  LSI_FC - ok
10:47:46.0937 0x0f80  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:47:46.0953 0x0f80  LSI_SAS - ok
10:47:47.0007 0x0f80  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:47:47.0015 0x0f80  LSI_SAS2 - ok
10:47:47.0070 0x0f80  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:47:47.0078 0x0f80  LSI_SCSI - ok
10:47:47.0117 0x0f80  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:47:47.0125 0x0f80  luafv - ok
10:47:47.0148 0x0f80  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:47:47.0148 0x0f80  megasas - ok
10:47:47.0171 0x0f80  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:47:47.0187 0x0f80  MegaSR - ok
10:47:47.0265 0x0f80  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:47:47.0289 0x0f80  Microsoft Office Groove Audit Service - ok
10:47:47.0343 0x0f80  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:47:47.0351 0x0f80  MMCSS - ok
10:47:47.0382 0x0f80  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:47:47.0382 0x0f80  Modem - ok
10:47:47.0429 0x0f80  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:47:47.0437 0x0f80  monitor - ok
10:47:47.0484 0x0f80  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
10:47:47.0492 0x0f80  mouclass - ok
10:47:47.0562 0x0f80  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:47:47.0562 0x0f80  mouhid - ok
10:47:47.0625 0x0f80  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:47:47.0632 0x0f80  mountmgr - ok
10:47:47.0726 0x0f80  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:47:47.0820 0x0f80  MozillaMaintenance - ok
10:47:47.0835 0x0f80  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:47:47.0867 0x0f80  mpio - ok
10:47:47.0927 0x0f80  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:47:47.0951 0x0f80  mpsdrv - ok
10:47:48.0029 0x0f80  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:47:48.0076 0x0f80  MpsSvc - ok
10:47:48.0130 0x0f80  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:47:48.0138 0x0f80  MRxDAV - ok
10:47:48.0194 0x0f80  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:47:48.0202 0x0f80  mrxsmb - ok
10:47:48.0272 0x0f80  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:47:48.0288 0x0f80  mrxsmb10 - ok
10:47:48.0350 0x0f80  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:47:48.0358 0x0f80  mrxsmb20 - ok
10:47:48.0413 0x0f80  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:47:48.0467 0x0f80  msahci - ok
10:47:48.0514 0x0f80  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:47:48.0530 0x0f80  msdsm - ok
10:47:48.0577 0x0f80  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:47:48.0592 0x0f80  MSDTC - ok
10:47:48.0663 0x0f80  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:47:48.0670 0x0f80  Msfs - ok
10:47:48.0717 0x0f80  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:47:48.0725 0x0f80  mshidkmdf - ok
10:47:48.0780 0x0f80  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:47:48.0788 0x0f80  msisadrv - ok
10:47:48.0842 0x0f80  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:47:48.0858 0x0f80  MSiSCSI - ok
10:47:48.0866 0x0f80  msiserver - ok
10:47:48.0920 0x0f80  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:47:48.0928 0x0f80  MSKSSRV - ok
10:47:48.0983 0x0f80  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:47:48.0983 0x0f80  MSPCLOCK - ok
10:47:49.0030 0x0f80  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:47:49.0038 0x0f80  MSPQM - ok
10:47:49.0108 0x0f80  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:47:49.0170 0x0f80  MsRPC - ok
10:47:49.0225 0x0f80  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:47:49.0233 0x0f80  mssmbios - ok
10:47:49.0288 0x0f80  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:47:49.0288 0x0f80  MSTEE - ok
10:47:49.0311 0x0f80  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:47:49.0311 0x0f80  MTConfig - ok
10:47:49.0342 0x0f80  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:47:49.0342 0x0f80  Mup - ok
10:47:49.0420 0x0f80  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:47:49.0444 0x0f80  napagent - ok
10:47:49.0506 0x0f80  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:47:49.0553 0x0f80  NativeWifiP - ok
10:47:49.0647 0x0f80  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:47:49.0741 0x0f80  NDIS - ok
10:47:49.0795 0x0f80  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:47:49.0795 0x0f80  NdisCap - ok
10:47:49.0858 0x0f80  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:47:49.0858 0x0f80  NdisTapi - ok
10:47:49.0913 0x0f80  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:47:49.0928 0x0f80  Ndisuio - ok
10:47:49.0983 0x0f80  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:47:50.0006 0x0f80  NdisWan - ok
10:47:50.0069 0x0f80  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:47:50.0077 0x0f80  NDProxy - ok
10:47:50.0147 0x0f80  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:47:50.0155 0x0f80  Net Driver HPZ12 - ok
10:47:50.0211 0x0f80  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:47:50.0211 0x0f80  NetBIOS - ok
10:47:50.0290 0x0f80  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:47:50.0305 0x0f80  NetBT - ok
10:47:50.0329 0x0f80  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
10:47:50.0336 0x0f80  Netlogon - ok
10:47:50.0383 0x0f80  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:47:50.0407 0x0f80  Netman - ok
10:47:50.0485 0x0f80  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:47:50.0610 0x0f80  NetMsmqActivator - ok
10:47:50.0665 0x0f80  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:47:50.0665 0x0f80  NetPipeActivator - ok
10:47:50.0719 0x0f80  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:47:50.0743 0x0f80  netprofm - ok
10:47:50.0790 0x0f80  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:47:50.0790 0x0f80  NetTcpActivator - ok
10:47:50.0805 0x0f80  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:47:50.0813 0x0f80  NetTcpPortSharing - ok
10:47:50.0860 0x0f80  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:47:50.0868 0x0f80  nfrd960 - ok
10:47:50.0930 0x0f80  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:47:50.0946 0x0f80  NlaSvc - ok
10:47:50.0977 0x0f80  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:47:50.0977 0x0f80  Npfs - ok
10:47:51.0008 0x0f80  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:47:51.0008 0x0f80  nsi - ok
10:47:51.0024 0x0f80  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:47:51.0032 0x0f80  nsiproxy - ok
10:47:51.0165 0x0f80  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:47:51.0235 0x0f80  Ntfs - ok
10:47:51.0274 0x0f80  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:47:51.0274 0x0f80  Null - ok
10:47:51.0336 0x0f80  [ 4C31806AD9A8A6F410E4F8308E67AD30, E9FAE5142733E9E3CDFF8AEDADBAFDE89D4DBF6B026F34B95A1EF0A473BD5599 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
10:47:51.0352 0x0f80  NVHDA - ok
10:47:54.0642 0x0f80  [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:47:55.0689 0x0f80  nvlddmkm - ok
10:47:56.0017 0x0f80  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:47:56.0572 0x0f80  nvraid - ok
10:47:56.0712 0x0f80  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:47:56.0861 0x0f80  nvstor - ok
10:47:57.0322 0x0f80  [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
10:47:57.0392 0x0f80  nvsvc - ok
10:47:57.0834 0x0f80  [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:47:58.0476 0x0f80  nvUpdatusService - ok
10:47:58.0601 0x0f80  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:47:58.0734 0x0f80  nv_agp - ok
10:47:59.0031 0x0f80  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:47:59.0203 0x0f80  odserv - ok
10:47:59.0265 0x0f80  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:47:59.0273 0x0f80  ohci1394 - ok
10:47:59.0343 0x0f80  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:47:59.0421 0x0f80  ose - ok
10:47:59.0523 0x0f80  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:47:59.0546 0x0f80  p2pimsvc - ok
10:47:59.0593 0x0f80  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:47:59.0664 0x0f80  p2psvc - ok
10:47:59.0742 0x0f80  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:47:59.0750 0x0f80  Parport - ok
10:47:59.0812 0x0f80  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:47:59.0828 0x0f80  partmgr - ok
10:47:59.0890 0x0f80  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:47:59.0953 0x0f80  PcaSvc - ok
10:47:59.0992 0x0f80  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:48:00.0000 0x0f80  pci - ok
10:48:00.0062 0x0f80  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:48:00.0078 0x0f80  pciide - ok
10:48:00.0171 0x0f80  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:48:00.0454 0x0f80  pcmcia - ok
10:48:00.0555 0x0f80  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:48:00.0571 0x0f80  pcw - ok
10:48:00.0797 0x0f80  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:48:00.0907 0x0f80  PEAUTH - ok
10:48:01.0047 0x0f80  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:48:01.0071 0x0f80  PerfHost - ok
10:48:01.0422 0x0f80  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:48:01.0641 0x0f80  pla - ok
10:48:01.0865 0x0f80  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:48:02.0029 0x0f80  PlugPlay - ok
10:48:02.0146 0x0f80  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:48:02.0201 0x0f80  Pml Driver HPZ12 - ok
10:48:02.0248 0x0f80  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:48:02.0279 0x0f80  PNRPAutoReg - ok
10:48:02.0490 0x0f80  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:48:02.0498 0x0f80  PNRPsvc - ok
10:48:02.0716 0x0f80  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:48:02.0755 0x0f80  PolicyAgent - ok
10:48:02.0849 0x0f80  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:48:02.0935 0x0f80  Power - ok
10:48:03.0076 0x0f80  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:48:03.0193 0x0f80  PptpMiniport - ok
10:48:03.0248 0x0f80  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:48:03.0287 0x0f80  Processor - ok
10:48:03.0498 0x0f80  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:48:03.0537 0x0f80  ProfSvc - ok
10:48:03.0576 0x0f80  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:48:03.0583 0x0f80  ProtectedStorage - ok
10:48:03.0794 0x0f80  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:48:04.0107 0x0f80  Psched - ok
10:48:04.0491 0x0f80  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:48:04.0647 0x0f80  ql2300 - ok
10:48:04.0702 0x0f80  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:48:04.0772 0x0f80  ql40xx - ok
10:48:04.0850 0x0f80  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:48:04.0889 0x0f80  QWAVE - ok
10:48:04.0913 0x0f80  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:48:04.0959 0x0f80  QWAVEdrv - ok
10:48:04.0999 0x0f80  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:48:05.0014 0x0f80  RasAcd - ok
10:48:05.0108 0x0f80  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:48:05.0116 0x0f80  RasAgileVpn - ok
10:48:05.0155 0x0f80  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:48:05.0178 0x0f80  RasAuto - ok
10:48:05.0241 0x0f80  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:48:05.0272 0x0f80  Rasl2tp - ok
10:48:05.0397 0x0f80  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:48:05.0452 0x0f80  RasMan - ok
10:48:05.0522 0x0f80  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:48:05.0545 0x0f80  RasPppoe - ok
10:48:05.0631 0x0f80  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:48:05.0647 0x0f80  RasSstp - ok
10:48:05.0741 0x0f80  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:48:05.0858 0x0f80  rdbss - ok
10:48:05.0897 0x0f80  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:48:05.0913 0x0f80  rdpbus - ok
10:48:05.0936 0x0f80  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:48:05.0944 0x0f80  RDPCDD - ok
10:48:06.0014 0x0f80  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:48:06.0022 0x0f80  RDPENCDD - ok
10:48:06.0045 0x0f80  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:48:06.0061 0x0f80  RDPREFMP - ok
10:48:06.0147 0x0f80  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:48:06.0273 0x0f80  RDPWD - ok
10:48:06.0390 0x0f80  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:48:06.0398 0x0f80  rdyboost - ok
10:48:06.0476 0x0f80  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:48:06.0539 0x0f80  RemoteAccess - ok
10:48:06.0601 0x0f80  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:48:06.0757 0x0f80  RemoteRegistry - ok
10:48:06.0929 0x0f80  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:48:06.0984 0x0f80  RpcEptMapper - ok
10:48:07.0039 0x0f80  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:48:07.0070 0x0f80  RpcLocator - ok
10:48:07.0203 0x0f80  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:48:07.0218 0x0f80  RpcSs - ok
10:48:07.0289 0x0f80  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:48:07.0304 0x0f80  rspndr - ok
10:48:07.0453 0x0f80  [ E228C336F195FA629D00B02F9FFC5667, 114F562882EF2A439EC4783029A977A53588F3870AED158B46F8DA51B4CB2715 ] SafeBox         C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
10:48:07.0492 0x0f80  SafeBox - ok
10:48:07.0531 0x0f80  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
10:48:07.0531 0x0f80  SamSs - ok
10:48:07.0601 0x0f80  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:48:07.0726 0x0f80  sbp2port - ok
10:48:07.0851 0x0f80  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:48:07.0960 0x0f80  SCardSvr - ok
10:48:08.0046 0x0f80  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:48:08.0140 0x0f80  scfilter - ok
10:48:08.0609 0x0f80  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:48:08.0664 0x0f80  Schedule - ok
10:48:08.0757 0x0f80  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:48:08.0765 0x0f80  SCPolicySvc - ok
10:48:08.0859 0x0f80  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:48:08.0937 0x0f80  SDRSVC - ok
10:48:09.0000 0x0f80  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:48:09.0015 0x0f80  secdrv - ok
10:48:09.0070 0x0f80  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:48:09.0078 0x0f80  seclogon - ok
10:48:09.0125 0x0f80  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:48:09.0132 0x0f80  SENS - ok
10:48:09.0210 0x0f80  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:48:09.0242 0x0f80  SensrSvc - ok
10:48:09.0390 0x0f80  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:48:09.0476 0x0f80  Serenum - ok
10:48:09.0562 0x0f80  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:48:09.0585 0x0f80  Serial - ok
10:48:09.0710 0x0f80  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:48:09.0750 0x0f80  sermouse - ok
10:48:09.0843 0x0f80  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:48:09.0859 0x0f80  SessionEnv - ok
10:48:09.0914 0x0f80  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:48:09.0937 0x0f80  sffdisk - ok
10:48:09.0953 0x0f80  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:48:09.0968 0x0f80  sffp_mmc - ok
10:48:10.0000 0x0f80  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:48:10.0007 0x0f80  sffp_sd - ok
10:48:10.0062 0x0f80  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:48:10.0117 0x0f80  sfloppy - ok
10:48:10.0218 0x0f80  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:48:10.0320 0x0f80  SharedAccess - ok
10:48:10.0554 0x0f80  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:48:10.0617 0x0f80  ShellHWDetection - ok
10:48:10.0695 0x0f80  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:48:11.0007 0x0f80  SiSRaid2 - ok
10:48:11.0085 0x0f80  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:48:11.0507 0x0f80  SiSRaid4 - ok
10:48:11.0734 0x0f80  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:48:11.0929 0x0f80  SkypeUpdate - ok
10:48:12.0062 0x0f80  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:48:12.0226 0x0f80  Smb - ok
10:48:12.0375 0x0f80  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:48:12.0414 0x0f80  SNMPTRAP - ok
10:48:20.0132 0x0f80  [ AFCEE58DFCB5B696A624DD55CF3927F9, 256A1AF21966A69F26766243FABBF46E0905F1BAF4070E54DA4B95EFEC453449 ] SNPSTD3         C:\Windows\system32\DRIVERS\snpstd3.sys
10:48:20.0819 0x0f80  SNPSTD3 - ok
10:48:21.0039 0x0f80  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:48:21.0179 0x0f80  spldr - ok
10:48:21.0564 0x0f80  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
10:48:21.0649 0x0f80  Spooler - ok
10:48:24.0030 0x0f80  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:48:24.0276 0x0f80  sppsvc - ok
10:48:24.0431 0x0f80  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:48:24.0603 0x0f80  sppuinotify - ok
10:48:24.0908 0x0f80  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:48:25.0009 0x0f80  srv - ok
10:48:25.0251 0x0f80  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:48:25.0361 0x0f80  srv2 - ok
10:48:25.0681 0x0f80  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:48:25.0806 0x0f80  srvnet - ok
10:48:26.0001 0x0f80  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:48:26.0041 0x0f80  SSDPSRV - ok
10:48:26.0189 0x0f80  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:48:26.0212 0x0f80  SstpSvc - ok
10:48:26.0541 0x0f80  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:48:27.0369 0x0f80  Stereo Service - ok
10:48:27.0556 0x0f80  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:48:27.0689 0x0f80  stexstor - ok
10:48:28.0134 0x0f80  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:48:28.0212 0x0f80  stisvc - ok
10:48:28.0416 0x0f80  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:48:28.0440 0x0f80  swenum - ok
10:48:28.0690 0x0f80  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:48:29.0143 0x0f80  swprv - ok
10:48:30.0174 0x0f80  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:48:30.0268 0x0f80  SysMain - ok
10:48:30.0424 0x0f80  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:48:30.0651 0x0f80  TabletInputService - ok
10:48:31.0049 0x0f80  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:48:31.0440 0x0f80  TapiSrv - ok
10:48:31.0604 0x0f80  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:48:31.0799 0x0f80  TBS - ok
10:48:33.0213 0x0f80  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:48:33.0409 0x0f80  Tcpip - ok
10:48:34.0479 0x0f80  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:48:34.0588 0x0f80  TCPIP6 - ok
10:48:34.0745 0x0f80  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:48:34.0854 0x0f80  tcpipreg - ok
10:48:35.0018 0x0f80  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:48:35.0135 0x0f80  TDPIPE - ok
10:48:35.0213 0x0f80  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:48:35.0245 0x0f80  TDTCP - ok
10:48:35.0393 0x0f80  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:48:35.0596 0x0f80  tdx - ok
10:48:35.0752 0x0f80  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:48:35.0956 0x0f80  TermDD - ok
10:48:36.0433 0x0f80  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
10:48:36.0816 0x0f80  TermService - ok
10:48:36.0910 0x0f80  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:48:36.0925 0x0f80  Themes - ok
10:48:37.0074 0x0f80  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:48:37.0113 0x0f80  THREADORDER - ok
10:48:37.0214 0x0f80  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:48:37.0253 0x0f80  TrkWks - ok
10:48:37.0425 0x0f80  [ 3E75A47D2DEFD2683DCA409572FBE8B2, 33964B1A05E045D3B878CDFD9F52A9086B4FA54D6D4D1DC38062D2874CACD4A0 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
10:48:37.0496 0x0f80  trufos - ok
10:48:37.0691 0x0f80  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:48:37.0823 0x0f80  TrustedInstaller - ok
10:48:37.0899 0x0f80  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:48:38.0055 0x0f80  tssecsrv - ok
10:48:38.0290 0x0f80  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:48:38.0424 0x0f80  TsUsbFlt - ok
10:48:38.0573 0x0f80  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:48:38.0674 0x0f80  tunnel - ok
10:48:39.0010 0x0f80  [ 1A006963644C7FDE5BE60036F3A43E68, BD596CD2D1AAE3A145DC9FD73FD53CD25242AF4CFCD2783D8FCB3B12EBCC7153 ] TVICHW64        C:\Windows\SysWOW64\Drivers\TVicHW64.sys
10:48:39.0041 0x0f80  TVICHW64 - ok
10:48:39.0117 0x0f80  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:48:39.0125 0x0f80  uagp35 - ok
10:48:39.0254 0x0f80  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:48:39.0397 0x0f80  udfs - ok
10:48:39.0459 0x0f80  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:48:39.0616 0x0f80  UI0Detect - ok
10:48:39.0717 0x0f80  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:48:39.0764 0x0f80  uliagpkx - ok
10:48:39.0952 0x0f80  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
10:48:40.0108 0x0f80  umbus - ok
10:48:40.0280 0x0f80  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:48:40.0327 0x0f80  UmPass - ok
10:48:40.0789 0x0f80  [ C1C2C9231EBD263DB9C4F34DBB080B32, 25A046D8CC6674A47F3338E84661BF502D21C571C50643D9EF20D334CC27538C ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
10:48:40.0937 0x0f80  UPDATESRV - ok
10:48:41.0007 0x0f80  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:48:41.0109 0x0f80  upnphost - ok
10:48:41.0312 0x0f80  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:48:41.0335 0x0f80  USBAAPL64 - ok
10:48:41.0437 0x0f80  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:48:41.0554 0x0f80  usbccgp - ok
10:48:41.0625 0x0f80  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:48:41.0687 0x0f80  usbcir - ok
10:48:41.0804 0x0f80  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:48:41.0937 0x0f80  usbehci - ok
10:48:42.0140 0x0f80  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:48:42.0359 0x0f80  usbhub - ok
10:48:42.0454 0x0f80  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:48:42.0610 0x0f80  usbohci - ok
10:48:42.0711 0x0f80  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:48:42.0750 0x0f80  usbprint - ok
10:48:42.0805 0x0f80  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:48:42.0813 0x0f80  USBSTOR - ok
10:48:42.0899 0x0f80  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:48:42.0930 0x0f80  usbuhci - ok
10:48:43.0016 0x0f80  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:48:43.0032 0x0f80  UxSms - ok
10:48:43.0094 0x0f80  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
10:48:43.0094 0x0f80  VaultSvc - ok
10:48:43.0219 0x0f80  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:48:43.0243 0x0f80  vdrvroot - ok
10:48:43.0352 0x0f80  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:48:43.0508 0x0f80  vds - ok
10:48:43.0579 0x0f80  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:48:43.0594 0x0f80  vga - ok
10:48:43.0633 0x0f80  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:48:43.0657 0x0f80  VgaSave - ok
10:48:43.0782 0x0f80  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:48:43.0852 0x0f80  vhdmp - ok
10:48:43.0899 0x0f80  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:48:43.0915 0x0f80  viaide - ok
10:48:43.0938 0x0f80  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:48:43.0946 0x0f80  volmgr - ok
10:48:44.0063 0x0f80  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:48:44.0172 0x0f80  volmgrx - ok
10:48:44.0211 0x0f80  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:48:44.0235 0x0f80  volsnap - ok
10:48:44.0336 0x0f80  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:48:44.0422 0x0f80  vsmraid - ok
10:48:44.0829 0x0f80  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:48:45.0071 0x0f80  VSS - ok
10:48:45.0556 0x0f80  [ 1DABB1774580AA6EADA9F34D035164BF, 2D0F6FF2A159E31C31D8C0D499B0398E1E4C2830F784E52A6AC58DB06653F678 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
10:48:45.0634 0x0f80  VSSERV - ok
10:48:45.0673 0x0f80  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:48:45.0720 0x0f80  vwifibus - ok
10:48:45.0908 0x0f80  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:48:46.0134 0x0f80  W32Time - ok
10:48:46.0186 0x0f80  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:48:46.0202 0x0f80  WacomPen - ok
10:48:46.0334 0x0f80  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:48:46.0374 0x0f80  WANARP - ok
10:48:46.0428 0x0f80  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:48:46.0428 0x0f80  Wanarpv6 - ok
10:48:46.0647 0x0f80  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:48:46.0780 0x0f80  wbengine - ok
10:48:46.0866 0x0f80  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:48:46.0952 0x0f80  WbioSrvc - ok
10:48:47.0061 0x0f80  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:48:47.0163 0x0f80  wcncsvc - ok
10:48:47.0217 0x0f80  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:48:47.0311 0x0f80  WcsPlugInService - ok
10:48:47.0389 0x0f80  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:48:47.0454 0x0f80  Wd - ok
10:48:47.0665 0x0f80  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:48:47.0782 0x0f80  Wdf01000 - ok
10:48:47.0868 0x0f80  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:48:47.0915 0x0f80  WdiServiceHost - ok
10:48:47.0930 0x0f80  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:48:47.0938 0x0f80  WdiSystemHost - ok
10:48:48.0024 0x0f80  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:48:48.0211 0x0f80  WebClient - ok
10:48:48.0250 0x0f80  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:48:48.0407 0x0f80  Wecsvc - ok
10:48:48.0485 0x0f80  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:48:48.0493 0x0f80  wercplsupport - ok
10:48:48.0571 0x0f80  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:48:48.0579 0x0f80  WerSvc - ok
10:48:48.0735 0x0f80  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:48:48.0821 0x0f80  WfpLwf - ok
10:48:48.0844 0x0f80  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:48:48.0860 0x0f80  WIMMount - ok
10:48:48.0992 0x0f80  WinDefend - ok
10:48:49.0041 0x0f80  WinHttpAutoProxySvc - ok
10:48:49.0119 0x0f80  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:48:49.0158 0x0f80  Winmgmt - ok
10:48:49.0851 0x0f80  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:48:50.0070 0x0f80  WinRM - ok
10:48:50.0359 0x0f80  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:48:50.0382 0x0f80  WinUsb - ok
10:48:50.0531 0x0f80  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:48:50.0795 0x0f80  Wlansvc - ok
10:48:50.0897 0x0f80  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:48:50.0913 0x0f80  WmiAcpi - ok
10:48:50.0991 0x0f80  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:48:51.0057 0x0f80  wmiApSrv - ok
10:48:51.0088 0x0f80  WMPNetworkSvc - ok
10:48:51.0143 0x0f80  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:48:51.0151 0x0f80  WPCSvc - ok
10:48:51.0280 0x0f80  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:48:51.0288 0x0f80  WPDBusEnum - ok
10:48:51.0321 0x0f80  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:48:51.0327 0x0f80  ws2ifsl - ok
10:48:51.0363 0x0f80  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:48:51.0390 0x0f80  wscsvc - ok
10:48:51.0398 0x0f80  WSearch - ok
10:48:51.0595 0x0f80  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:48:51.0939 0x0f80  wuauserv - ok
10:48:52.0088 0x0f80  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:48:52.0166 0x0f80  WudfPf - ok
10:48:52.0276 0x0f80  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:48:52.0342 0x0f80  WUDFRd - ok
10:48:52.0405 0x0f80  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:48:52.0416 0x0f80  wudfsvc - ok
10:48:52.0539 0x0f80  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:48:52.0675 0x0f80  WwanSvc - ok
10:48:52.0953 0x0f80  X6va012 - ok
10:48:53.0035 0x0f80  ================ Scan global ===============================
10:48:53.0199 0x0f80  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:48:53.0437 0x0f80  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:48:53.0496 0x0f80  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:48:53.0582 0x0f80  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:48:53.0660 0x0f80  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:48:53.0703 0x0f80  [ Global ] - ok
10:48:53.0710 0x0f80  ================ Scan MBR ==================================
10:48:53.0777 0x0f80  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:48:55.0658 0x0f80  \Device\Harddisk0\DR0 - ok
10:48:55.0658 0x0f80  ================ Scan VBR ==================================
10:48:55.0693 0x0f80  [ 26B0C8517AA79B42AE8A4213575E90B8 ] \Device\Harddisk0\DR0\Partition1
10:48:55.0833 0x0f80  \Device\Harddisk0\DR0\Partition1 - ok
10:48:55.0833 0x0f80  ================ Scan generic autorun ======================
10:48:56.0154 0x0f80  [ 3D5CA4EE44877AB4BA828EFC5D55B36E, 96CE0AFC8AA280A1DA836074024D0E7DA3D3401310F5FDE92066C6823ED05C61 ] C:\Windows\vsnpstd3.exe
10:48:56.0275 0x0f80  snpstd3 - ok
10:48:56.0794 0x0f80  [ 81B82B6DA127FC3230DC50F3A411A50A, 124D9D2B0169E77665A6A2D381B270E81EFF47312DCFE7FE7A692E82610F8E26 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
10:48:57.0126 0x0f80  AdobeAAMUpdater-1.0 - ok
10:48:57.0849 0x0f80  [ 8FBA07BBCB197646ECB5E475C89A89DF, 3967574E10C12901714986329A499B50621568230D3DEBDEE51C432F13B58265 ] C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
10:48:57.0939 0x0f80  Bdagent - ok
10:48:58.0209 0x0f80  [ 09B5359E63EF3202D22F2F60349E29FB, 6E71FD8BCB5A8D6844F13E32420DBA5B28118683992657B9803B306E6C766C8D ] C:\Windows\tsnpstd3.exe
10:48:58.0237 0x0f80  tsnpstd3 - ok
10:48:58.0721 0x0f80  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
10:48:58.0936 0x0f80  APSDaemon - ok
10:48:59.0921 0x0f80  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
10:49:00.0156 0x0f80  GrooveMonitor - ok
10:49:00.0981 0x0f80  [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
10:49:01.0352 0x0f80  AdobeCS6ServiceManager - ok
10:49:01.0844 0x0f80  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
10:49:01.0981 0x0f80  iTunesHelper - ok
10:49:03.0076 0x0f80  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
10:49:03.0416 0x0f80  QuickTime Task - ok
10:49:05.0583 0x0f80  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:49:06.0587 0x0f80  Sidebar - ok
10:49:06.0681 0x0f80  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:49:06.0880 0x0f80  mctadmin - ok
10:49:07.0166 0x0f80  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:49:07.0194 0x0f80  Sidebar - ok
10:49:07.0291 0x0f80  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:49:07.0291 0x0f80  mctadmin - ok
10:49:08.0106 0x0f80  [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\Meynard\AppData\Local\Facebook\Update\FacebookUpdate.exe
10:49:08.0297 0x0f80  Facebook Update - ok
10:49:12.0707 0x0f80  [ F2E5126DF9CBBEEFFA91279D62430652, 1E65AAE2BBE9F01063A5BF26A6172AEBD0C6695A6DCA9C894FDC2BD7706768B4 ] C:\Program Files\CCleaner\CCleaner64.exe
10:49:13.0028 0x0f80  CCleaner - ok
10:49:13.0829 0x0f80  [ 47B1ECA46EF5B42181B284374D9F393D, 0F70D2EA9BC4B0159F8D65D237972B15FC85009EEC56A836A9AC9E16831A0CC8 ] C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
10:49:13.0949 0x0f80  Bitdefender Wallet Agent - ok
10:49:13.0953 0x0f80  Waiting for KSN requests completion. In queue: 16
10:49:14.0953 0x0f80  Waiting for KSN requests completion. In queue: 2
10:49:15.0953 0x0f80  Waiting for KSN requests completion. In queue: 2
10:49:16.0953 0x0f80  Waiting for KSN requests completion. In queue: 2
10:49:17.0953 0x0f80  Waiting for KSN requests completion. In queue: 2
10:49:19.0313 0x0f80  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 18.18.0.1254 ), 0x41000 ( enabled : updated )
10:49:19.0329 0x0f80  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 18.18.0.1254 ), 0x41010 ( enabled )
10:49:22.0534 0x0f80  ============================================================
10:49:22.0534 0x0f80  Scan finished
10:49:22.0534 0x0f80  ============================================================
10:49:22.0557 0x0a00  Detected object count: 0
10:49:22.0557 0x0a00  Actual detected object count: 0
 



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:27 PM

Posted 29 December 2014 - 11:35 PM

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Michirin

Michirin
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 30 December 2014 - 02:34 AM

 FIRST LOG

 

Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled!  
Bitdefender Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
  Adobe Flash Player 15.0.0.246 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (34.0.5)
````````Process Check: objlist.exe by Laurent````````  
 Bitdefender Bitdefender 2015 vsserv.exe  
 Bitdefender Bitdefender 2015 updatesrv.exe  
 Bitdefender Bitdefender 2015 bdagent.exe  
 Bitdefender Bitdefender 2015 bdwtxag.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 


Edited by Michirin, 30 December 2014 - 02:36 AM.


#6 Michirin

Michirin
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 30 December 2014 - 02:37 AM

SECOND LOG

 

Farbar Service Scanner Version: 21-07-2014
Ran by Meynard (administrator) on 30-12-2014 at 13:08:08
Running from "C:\Users\Meynard\Desktop"
Microsoft Windows 7 Home Basic  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****



#7 Michirin

Michirin
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 30 December 2014 - 02:38 AM

THIRD LOG

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Meynard (administrator) on 30-12-2014 at 13:10:19
Running from "C:\Users\Meynard\Desktop"
Microsoft Windows 7 Home Basic  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

activate.adobe.com

========================= IP Configuration: ================================

VIA Rhine II Compatible Fast Ethernet Adapter = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Meynard-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.name

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : domain.name
   Description . . . . . . . . . . . : VIA Rhine II Compatible Fast Ethernet Adapter
   Physical Address. . . . . . . . . : 00-19-DB-29-F1-F0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::899d:b1ca:fb62:f281%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.11.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, December 30, 2014 12:39:09 PM
   Lease Expires . . . . . . . . . . : Thursday, January 01, 2015 12:39:09 PM
   Default Gateway . . . . . . . . . : 192.168.11.1
   DHCP Server . . . . . . . . . . . : 192.168.11.1
   DHCPv6 IAID . . . . . . . . . . . : 234887643
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-E9-63-65-00-19-DB-29-F1-F0
   DNS Servers . . . . . . . . . . . : 192.168.11.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  UnKnown
Address:  192.168.11.1

DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Address:  2404:6800:4005:801::100e


Pinging google.com [173.194.127.104] with 32 bytes of data:
Request timed out.
Reply from 173.194.127.104: bytes=32 time=85ms TTL=52

Ping statistics for 173.194.127.104:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 85ms, Maximum = 85ms, Average = 85ms
Server:  UnKnown
Address:  192.168.11.1

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=262ms TTL=44
Reply from 206.190.36.45: bytes=32 time=263ms TTL=44

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 262ms, Maximum = 263ms, Average = 262ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 19 db 29 f1 f0 ......VIA Rhine II Compatible Fast Ethernet Adapter
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.11.1     192.168.11.4     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
     192.168.11.0    255.255.255.0         On-link      192.168.11.4    276
     192.168.11.4  255.255.255.255         On-link      192.168.11.4    276
   192.168.11.255  255.255.255.255         On-link      192.168.11.4    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.11.4    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.11.4    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    276 fe80::/64                On-link
 10    276 fe80::899d:b1ca:fb62:f281/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/30/2014 00:40:08 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2014 00:40:08 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2014 00:40:08 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2014 00:40:08 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (12/30/2014 00:40:07 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2014 00:40:07 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/30/2014 00:40:05 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2014 00:40:05 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/30/2014 00:40:05 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
    0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (12/30/2014 00:40:05 PM) (Source: ESENT) (User: )
Description: Windows (3380) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0007C.log.


System errors:
=============
Error: (12/30/2014 00:41:53 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (12/30/2014 00:41:53 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (12/30/2014 00:40:08 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (12/30/2014 00:40:08 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (12/30/2014 00:38:53 PM) (Source: Service Control Manager) (User: )
Description: The Bitdefender Virus Shield service hung on starting.

Error: (12/30/2014 10:35:43 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (12/30/2014 10:35:43 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (12/30/2014 00:09:08 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VSSERV service.

Error: (12/29/2014 01:16:17 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (12/29/2014 01:16:17 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-09-17 21:11:14.886
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-17 21:11:13.779
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



=========================== Installed Programs ============================
μTorrent (HKCU\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Refresh Manager (x32 Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile JPN Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile Language Pack - 日本語 (HKLM\...\Microsoft .NET Framework 4 Client Profile JPN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended JPN Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended Language Pack - 日本語 (HKLM\...\Microsoft .NET Framework 4 Extended JPN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 296.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 296.16 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.14.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.14.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{249AF4F3-0353-4C75-988D-019FCD52B4D4}) (Version: 1.0.2 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{894A754D-8B40-4543-89B3-F30A49A8565A}) (Version: 1.2.1 - OLYMPUS IMAGING CORP.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Skype? 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
tricomfi (HKLM-x32\...\{74f1e872-8d6f-4cc7-58d6-c60d8dfe43ed}) (Version: 1.0.0 - estdemin)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{11C9B057-27FF-4BC1-82F6-DC4B15E70A2E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
USB PC Camera-168 (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1207.108 - Sonix)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WSE_Astromenda (HKLM-x32\...\Astromenda) (Version:  - Astromenda)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )

========================= Devices: ================================

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 82%
Total physical RAM: 1534.49 MB
Available physical RAM: 274.01 MB
Total Pagefile: 3068.49 MB
Available Pagefile: 1198.39 MB
Total Virtual: 4095.88 MB
Available Virtual: 3979.88 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.52 GB) (Free:10.4 GB) NTFS

========================= Users: ========================================

User accounts for \\MEYNARD-PC

Administrator            Guest                    Meynard                  
UpdatusUser              

========================= Restore Points ==================================

28-12-2014 06:32:24 Sony PC Companion
28-12-2014 07:06:18 Installed Sony Mobile Drivers

**** End of log ****
 



#8 Michirin

Michirin
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 30 December 2014 - 02:40 AM

FOURTH LOG

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/30/2014
Scan Time: 1:22:00 PM
Logfile: log 4.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.30.02
Rootkit Database: v2014.12.29.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Meynard

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 358626
Time Elapsed: 42 min, 7 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 3
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1596, Delete-on-Reboot, [e7130b5de19be74fc5fc87eea061639d]
PUP.Optional.SearchProtect, C:\Program Files (x86)\SupTab\Loader64.exe, 2696, Delete-on-Reboot, [02f889df23598caaeded9a4a5aa738c8]
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, 2608, Delete-on-Reboot, [3dbd4622fa8291a5441688bfb0539967]

Modules: 0
(No malicious items detected)

Registry Keys: 53
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Quarantined, [e7130b5de19be74fc5fc87eea061639d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [6f8ba2c6e49846f0f8a2b85da063cf31],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [6f8ba2c6e49846f0f8a2b85da063cf31],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}, Quarantined, [45b5bdab4537b086776e786a42c00ef2],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\esrv.deltaESrvc.1, Quarantined, [45b5bdab4537b086776e786a42c00ef2],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\esrv.deltaESrvc, Quarantined, [45b5bdab4537b086776e786a42c00ef2],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.deltaESrvc, Quarantined, [45b5bdab4537b086776e786a42c00ef2],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.deltaESrvc.1, Quarantined, [45b5bdab4537b086776e786a42c00ef2],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}, Quarantined, [52a8beaa413b80b6e7b721f445becd33],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DF84E609-C3A4-49CB-A160-61767DAF8899}, Quarantined, [52a8beaa413b80b6e7b721f445becd33],
PUP.Optional.Babylon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [43b7ff6909738caaa7870fcdc73b4cb4],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}, Quarantined, [43b7ff6909738caaa7870fcdc73b4cb4],
PUP.Optional.Snapdo.T, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [c337ff69b0cc2610f22e081145be43bd],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, Quarantined, [c337ff69b0cc2610f22e081145be43bd],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}, Quarantined, [c1394424d9a3280e424cbd587291da26],
PUP.Optional.uTorrentControl.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{96f454ea-9d38-474f-b504-56193e00c1a5}, Quarantined, [ab4fcb9d2458e74f5f4da632679bd12f],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltadskBnd, Quarantined, [b84287e1acd02b0bd8c273a1927142be],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltadskBnd.1, Quarantined, [6793acbc0b710c2a9505c0543fc4da26],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltadskBnd, Quarantined, [6793acbc0b710c2a9505c0543fc4da26],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltadskBnd.1, Quarantined, [6793acbc0b710c2a9505c0543fc4da26],
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, Quarantined, [11e916529ce0be78856ab627d62e758b],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [5f9bbaae205c1521f04018ac9e66b050],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Quarantined, [e6147fe9621a5dd96fb4e4a213f031cf],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, Quarantined, [c8326800e29a43f3e66ebbaa28db25db],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Quarantined, [807ade8a82fae74f3e4ac7110ff5bc44],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, Quarantined, [35c596d2007c67cffa5ee2916e95bc44],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\DELTA\DELTA\Instl, Quarantined, [cb2fe583572572c4e2d0e9d4fd0713ed],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nbmafkdmkkckhggblphicnnhlgljnoje, Quarantined, [4fab3e2ae6962313ba4c503a50b3c040],
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, Quarantined, [0befce9af488dc5a826d6677f90b926e],
PUP.Optional.Gophoto.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfmopbbadnfoelckkcmjjeaaegjpjjbk, Quarantined, [d426afb9bfbd53e30345229bfc082bd5],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [e515a3c58cf08ea81d13952fdb29d22e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, Quarantined, [e01a3f29c8b4a096ff27f57ef80b857b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, Quarantined, [6d8ddb8dd3a93afc2631f77c93703ec2],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, Quarantined, [24d6f375522ada5c87f49eca897a847c],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [65959bcdabd17db9a2da066222e1d32d],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Quarantined, [08f2d197c2ba72c4e30d0aafcd375ca4],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, Quarantined, [f20871f7b0cc6bcb97e861571ce8e719],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Quarantined, [f604b7b1ee8e7fb71b63a513e22235cb],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, Quarantined, [a45671f72c50c076e027adc819ea6b95],
PUP.Optional.Astromenda.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WSE_Astromenda, Quarantined, [a55577f19ae286b089b82e4553b0c43c],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, Quarantined, [738708608defa78f98153b2abb481de3],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, Quarantined, [3dbd84e40d6f43f3a0e22a8f8480bb45],
PUP.Optional.Conduit.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\FF, Quarantined, [f50500682557aa8c65a91ca227dd08f8],
PUP.Optional.ValueApps.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\ValueApps, Quarantined, [a5556503c0bc58de71896042f1125da3],
PUP.Optional.Delta.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA, Quarantined, [7585a6c282fa59ddbe6284338d77b34d],
PUP.Optional.Astromenda.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, Quarantined, [42b890d84f2d5fd7b838ae2fe51fb34d],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [b446cc9c93e97db96126e6bc11f253ad],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [8674452391eb4bebfaa8b206ed1715eb],
PUP.Optional.Qone8, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [b64498d00b712b0bf639ecd816eecf31],
PUP.Optional.BProtector.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Quarantined, [1cdeb1b7d4a89d993f86d3e80cf809f7],
PUP.Optional.FastStart.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [48b2fb6d5a22bf77c6a4b6badf246d93],
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, Quarantined, [26d4afb9dba19a9c3e33237fa65d55ab],
PUP.Optional.Astromenda, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Astromenda, Quarantined, [98626afe0c702a0c42faf7559d6659a7],

Registry Values: 17
PUP.Optional.uTorrentControl.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{96F454EA-9D38-474F-B504-56193E00C1A5}, a?ae?´e´,a??Oμa\?>e??, Quarantined, [ab4fcb9d2458e74f5f4da632679bd12f]
PUP.Optional.uTorrentControl.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{96F454EA-9D38-474F-B504-56193E00C1A5}, Quarantined, [ab4fcb9d2458e74f5f4da632679bd12f],
PUP.Optional.uTorrentControl.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{96F454EA-9D38-474F-B504-56193E00C1A5}, Quarantined, [05f5e880502c50e6397304d49e6442be],
PUP.Optional.uTorrentControl.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{96f454ea-9d38-474f-b504-56193e00c1a5}, Quarantined, [9f5bf7711d5f58de8a224c8c3ac8a25e],
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Quarantined, [f604a0c82458b086609c1958dd26be42]
PUP.Optional.BrowserProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|bProtectTabs, http://www.delta-search.com/?affID=119776&babsrc=NT_ss&mntrId=84FD0019DB29F1F0, Quarantined, [a85282e6fd7fd75f44a19b20e0247e82]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Quarantined, [28d2a5c35725b0861be14c250102669a]
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\074dj3o6.default\extensions\faststartff@gmail.com, Quarantined, [56a41d4b215b0d29e3bf3f9817edc43c]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, Quarantined, [e01a3f29c8b4a096ff27f57ef80b857b]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, amt, Quarantined, [6d8ddb8dd3a93afc2631f77c93703ec2]
PUP.Optional.Delta.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|tlbrSrchUrl, Quarantined, [7585a6c282fa59ddbe6284338d77b34d],
PUP.Optional.Delta.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|lastB, http://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=84FD0019DB29F1F0, Quarantined, [c9315513cbb1fe38531b7d42d82ce917]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1K1J1N2U0R1O1F, Quarantined, [8674452391eb4bebfaa8b206ed1715eb]
PUP.BProtector, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, http://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=84FD0019DB29F1F0, Quarantined, [7387b0b8bebe52e4364ae1d7db29c33d]
PUP.BProtector, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [ad4d5216027abc7a7011d2e63fc5dd23]
PUP.Optional.FastStart.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Quarantined, [48b2fb6d5a22bf77c6a4b6badf246d93]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, SnapdoEMonYB, Quarantined, [26d4afb9dba19a9c3e33237fa65d55ab]

Registry Data: 7
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[9a602a3e126a55e1e810661b1ce9b749]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[53a76503ea92191d97617a07ad58fd03]
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013, Good: (www.google.com), Bad: (http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013),Replaced,[d12987e11a628ea8172491e533d2d729]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013, Good: (www.google.com), Bad: (http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013),Replaced,[03f789dfb6c675c1d667e294d035857b]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013, Good: (www.google.com), Bad: (http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013),Replaced,[9862c3a5275563d35de33e38db2ac040]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013, Good: (www.google.com), Bad: (http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013),Replaced,[21d96dfb3c4044f24cf5aec8f90c9b65]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1943401559-2002157773-1054815444-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013, Good: (www.google.com), Bad: (http://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013),Replaced,[6d8deb7d93e9b87e3c0041350bfaff01]

Folders: 80
PUP.Optional.Goobzo, C:\ProgramData\SearchModule, Quarantined, [58a2f474106c16203957284b3ec5e020],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\AddedAppDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\DefualtImages, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\DetectedAppDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\EngineFirstTimeDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\NewSearchProtectorDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\NewSearchProtectorDialog\images, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorBubbleDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorBubbleDialog\images, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorDialog\Images, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorRetakeoverDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorRetakeoverDialog\Images, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\images, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarUntrustedAppsApprovalDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\UninstallDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\UntrustedAddedAppDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\UntrustedAppApprovalDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\UntrustedAppPendingDialog, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\EmailNotifier, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\ExternalComponent, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Logs, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\MyStuffApps, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\plugins, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_CT3289075, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_CT3289075\AppsMetaData, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_CT3289075\DynamicDialogs, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_CT3289075\ToolbarLogin, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_CT3289075\ToolbarSettings, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_en, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_en\ToolbarTranslation, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\SearchInNewTab, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Delete-on-Reboot, [34c6e286b0ccc47235bc2c129073827e],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Quarantined, [34c6e286b0ccc47235bc2c129073827e],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Quarantined, [28d22048e89481b5c5891c25d330fb05],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [28d22048e89481b5c5891c25d330fb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Delete-on-Reboot, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Roaming\Astromenda, Quarantined, [b9419cccdba17cba6d9c7cce1be8b14f],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Roaming\Astromenda\icons_2.21.18.4, Quarantined, [b9419cccdba17cba6d9c7cce1be8b14f],
PUP.Optional.Goobzo, C:\Program Files\Common Files\Goobzo, Quarantined, [25d5fe6a09739f974ee9ec605fa47789],
PUP.Optional.Astromenda, C:\Program Files (x86)\Astromenda, Quarantined, [98626afe0c702a0c42faf7559d6659a7],
PUP.Optional.Astromenda, C:\Program Files (x86)\Astromenda\bh, Quarantined, [98626afe0c702a0c42faf7559d6659a7],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Roaming\WSE_Astromenda, Quarantined, [5b9f3335285460d6173ef8544eb5619f],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Roaming\WSE_Astromenda\UpdateProc, Quarantined, [5b9f3335285460d6173ef8544eb5619f],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Local\Astromenda, Quarantined, [9c5e4f19fc806dc9f5d7530a7a89c13f],

Files: 219
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Delete-on-Reboot, [e7130b5de19be74fc5fc87eea061639d],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SupTab\Loader64.exe, Delete-on-Reboot, [02f889df23598caaeded9a4a5aa738c8],
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Quarantined, [a5555e0a2656bd792a787b2a0af735cb],
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, Quarantined, [5b9f76f28af2f3432d759114ca3730d0],
PUP.Optional.IEPluginService.A, C:\Program Files (x86)\SupTab\RSHP.exe, Quarantined, [24d62345adcf1f175f395731847d9c64],
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, Quarantined, [3dbdf474255745f1039f1491c938f30d],
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, Quarantined, [21d9df894537d95d138ff2b305fc2ed2],
PUP.Optional.IePluginService.A, C:\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe, Quarantined, [da201a4e7efeb97de1e0cea79170d828],
PUP.Optional.MyStartSearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml, Quarantined, [6b8f5e0a4438a88e30222c394db6f50b],
PUP.Optional.Astromenda.A, C:\Windows\Tasks\WSE_Astromenda.job, Delete-on-Reboot, [c53578f0b0cc7abc0dd677eecf348f71],
PUP.Optional.Goobzo, C:\ProgramData\SearchModule\smhe.js, Quarantined, [58a2f474106c16203957284b3ec5e020],
PUP.Optional.Astromenda, C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\074dj3o6.default\searchplugins\Astromenda.xml, Quarantined, [8476e97f8cf079bdba39541f7f840cf4],
PUP.Optional.Astromenda, C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]\searchplugins\Astromenda.xml, Quarantined, [64969ecabdbf68ce688b334017ecb848],
PUP.Optional.Astromenda, C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Astromenda.xml, Quarantined, [5d9d0e5adba12c0a08ebf083c93a3bc5],
PUP.Optional.BitGuard.A, C:\Windows\System32\Tasks\BitGuard, Quarantined, [20daf96fc5b7f93d50eff58b31d244bc],
PUP.Optional.BProtector.A, C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\074dj3o6.default\bprotector_extensions.sqlite, Quarantined, [78822444116b68cea43bb2e511f2669a],
PUP.Optional.BProtector.A, C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\074dj3o6.default\bprotector_prefs.js, Quarantined, [13e7f870d5a7a2948a56bfd873900af6],
PUP.Optional.WebSearch.A, C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\074dj3o6.default\searchplugins\Web Search.xml, Quarantined, [5b9f0167ef8d0b2b9e3a3860ed166799],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\1.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\a.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\b.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\c.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\d.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\e.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\f.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\g.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\h.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\i.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\j.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\k.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\l.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\m.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\n.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\o.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\p.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\q.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\r.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\s.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\t.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\u.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\v.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\w.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\x.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\y.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.PriceGong.A, C:\Users\Meynard\AppData\LocalLow\PriceGong\Data\z.txt, Quarantined, [5d9d076194e864d204e8a389fc07c13f],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\hk64tbuTor.dll, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\hktbuTor.dll, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\ldrtbuTor.dll, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\tbuTor.dll, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\ThirdPartyComponents.xml, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\toolbar.cfg, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_53_307_CT3072253_images_634514692184142958_20PX_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_tell_a_friend_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_Menu_uninstall-icon_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_searchengines_softonic_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_SearchEngines_tfd_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_SearchEngines_video_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_eula_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_53_307_CT3072253_Images_634520779497696087_png.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\RoundedCornersIE9.css, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\DialogsAPI.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\excanvas.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\generalDialogStyle.css, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\PIE.htc, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\RoundedCorners.css, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\settings.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\version.txt, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\AddedAppDialog\app-added.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\DefualtImages\icon.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\DetectedAppDialog\app-2go.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\EngineFirstTimeDialog\right-click.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\NewSearchProtectorDialog\SearchProtector.css, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\NewSearchProtectorDialog\SearchProtector.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\NewSearchProtectorDialog\images\ok-button.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\NewSearchProtectorDialog\images\separation-line.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\NewSearchProtectorDialog\images\warning.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorBubbleDialog\bubble.css, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorBubbleDialog\bubble.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorBubbleDialog\images\information.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorDialog\SearchProtector.css, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorDialog\SearchProtector.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorDialog\Images\info.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorDialog\Images\ok-on.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorDialog\Images\ok.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\images\divider.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=en&ctid=CT3289075.xml, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=en&ctid=CT3289075.xml, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=en&ctid=CT3289075.xml, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en&ctid=CT3289075.xml, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\manifest.xml, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGong_16.png, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_CT3289075\AppsMetaData\data.bck.txt, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_CT3289075\AppsMetaData\data.txt, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_CT3289075\DynamicDialogs\data.txt, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_CT3289075\ToolbarLogin\data.txt, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_CT3289075\ToolbarSettings\data.txt, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\Repository\conduit_CT3289075_en\ToolbarTranslation\data.txt, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.UTorrentControl.A, C:\Users\Meynard\AppData\LocalLow\uTorrentControl_v6\SearchInNewTab\SearchInNewTabContent.xml, Quarantined, [7b7ff6727507c76f8d02062acd3613ed],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, Quarantined, [34c6e286b0ccc47235bc2c129073827e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, Delete-on-Reboot, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader32.exe, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Delete-on-Reboot, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\bk_shadow.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml.bak, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_box.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_check.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_bk.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_check.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit-ie8.js, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit2.0.js, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, Quarantined, [3dbd4622fa8291a5441688bfb0539967],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Roaming\Astromenda\icons_2.21.18.4\ctr.ico, Quarantined, [b9419cccdba17cba6d9c7cce1be8b14f],
PUP.Optional.Astromenda, C:\Program Files (x86)\Astromenda\astcnfg.dat, Quarantined, [98626afe0c702a0c42faf7559d6659a7],
PUP.Optional.Astromenda, C:\Program Files (x86)\Astromenda\FavIcon.ico, Quarantined, [98626afe0c702a0c42faf7559d6659a7],
PUP.Optional.Astromenda, C:\Program Files (x86)\Astromenda\Sqlite3.dll, Quarantined, [98626afe0c702a0c42faf7559d6659a7],
PUP.Optional.Astromenda, C:\Program Files (x86)\Astromenda\uninst.dat, Quarantined, [98626afe0c702a0c42faf7559d6659a7],
PUP.Optional.Astromenda, C:\Program Files (x86)\Astromenda\uninstall.exe, Quarantined, [98626afe0c702a0c42faf7559d6659a7],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Roaming\WSE_Astromenda\UpdateProc\bkup.dat, Quarantined, [5b9f3335285460d6173ef8544eb5619f],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Roaming\WSE_Astromenda\UpdateProc\config.dat, Quarantined, [5b9f3335285460d6173ef8544eb5619f],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Roaming\WSE_Astromenda\UpdateProc\info.dat, Quarantined, [5b9f3335285460d6173ef8544eb5619f],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Roaming\WSE_Astromenda\UpdateProc\STTL.DAT, Quarantined, [5b9f3335285460d6173ef8544eb5619f],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Roaming\WSE_Astromenda\UpdateProc\TTL.DAT, Quarantined, [5b9f3335285460d6173ef8544eb5619f],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Local\Astromenda\data, Quarantined, [9c5e4f19fc806dc9f5d7530a7a89c13f],
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://astromenda.com/?f=7&a=ast_ir_14_50_ff&cd=2XzuyEtN2Y1L1QzutDtDtCzy0D0BtBzy0FtC0FtD0C0A0EzztN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0DyBtD0ByDzz0DtGzztBzzzytG0AyBtAzztG0DtC0E0BtGyBzztB0B0ByDtAtAyD0F0D0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBzyyBtAtAzztByBtGzy0A0FtCtGtByCtD0AtGtCyEtAyCtGyE0BtDtA0A0FtB0DzyyD0ByE2Q&cr=1962842435&ir=" ],), Replaced,[ac4e1a4ebcc07bbb9bb64a7013f21ae6]
PUP.Optional.Astromenda.A, C:\Users\Meynard\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://astromenda.com/?f=1&a=ast_ir_14_50_ff&cd=2XzuyEtN2Y1L1QzutDtDtCzy0D0BtBzy0FtC0FtD0C0A0EzztN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0DyBtD0ByDzz0DtGzztBzzzytG0AyBtAzztG0DtC0E0BtGyBzztB0B0ByDtAtAyD0F0D0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBzyyBtAtAzztByBtGzy0A0FtCtGtByCtD0AtGtCyEtAyCtGyE0BtDtA0A0FtB0DzyyD0ByE2Q&cr=1962842435&ir=",), Replaced,[fffb392fd1abd85ed87a04b62fd60af6]
PUP.Optional.Conduit.A, C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\074dj3o6.default\prefs.js, Good: (), Bad: (user_pref("CT3289075.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT3289075&octid=CT3289075&SearchSource=15&CUI=UN41268449741081731&SSPV=&Lay=1&UM=1\"}");), Replaced,[17e30d5bc3b900364a969229f015ec14]

Physical Sectors: 0
(No malicious items detected)


(end)


FIFTH LOG

 

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.30.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17041
Meynard :: MEYNARD-PC [administrator]

12/30/2014 2:32:43 PM
mbar-log-2014-12-30 (14-32-43).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 358617
Time elapsed: 37 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 



#9 Michirin

Michirin
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 30 December 2014 - 02:42 AM

SIXTH LOG

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17041

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.862000 GHz
Memory total: 1609031680, free: 172630016

Downloaded database version: v2014.12.30.02
Downloaded database version: v2014.12.29.02
Downloaded database version: v2014.12.06.01
Initializing...
======================
------------ Kernel report ------------
     12/30/2014 14:32:16
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\tvtasg.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\trufos.sys
\SystemRoot\system32\DRIVERS\FLTMGR.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\viaide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\avc3.sys
\SystemRoot\system32\DRIVERS\gzflt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\uagp35.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
\??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\bdvedisk.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\fet6x64.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\avchv.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\snpstd3.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\DeNoiseX64.SYS
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\avckf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Windows\system32\drivers\mwac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\kernel32.dll
\Windows\System32\psapi.dll
\Windows\System32\user32.dll
\Windows\System32\msctf.dll
\Windows\System32\lpk.dll
\Windows\System32\oleaut32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\normaliz.dll
\Windows\System32\wininet.dll
\Windows\System32\urlmon.dll
\Windows\System32\shell32.dll
\Windows\System32\usp10.dll
\Windows\System32\comdlg32.dll
\Windows\System32\nsi.dll
\Windows\System32\difxapi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\Wldap32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\sechost.dll
\Windows\System32\msvcrt.dll
\Windows\System32\imagehlp.dll
\Windows\System32\iertutil.dll
\Windows\System32\advapi32.dll
\Windows\System32\imm32.dll
\Windows\System32\gdi32.dll
\Windows\System32\setupapi.dll
\Windows\System32\ole32.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\wintrust.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa80032a1060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007c\
Lower Device Object: 0xfffffa800328b760
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa800329b790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007b\
Lower Device Object: 0xfffffa8003280990
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800329c060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007a\
Lower Device Object: 0xfffffa800327eb60
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80021a8410
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa8001c96060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80021a8410, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80021ad040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80021a8410, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8001c90520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8001c96060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 69B7DAEC

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 156280257
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 80025280000 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa800329c060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800282f790, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800329c060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800327eb60, DeviceName: \Device\0000007a\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa800329b790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800325b310, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800329b790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8003280990, DeviceName: \Device\0000007b\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa80032a1060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80032a1b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80032a1060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800328b760, DeviceName: \Device\0000007c\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 


FINAL LOG

 

Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/30/2014 03:27:35 PM in x64 mode.
Windows Version: Windows 7 Home Basic Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  activate.adobe.com

Program finished at: 12/30/2014 03:31:18 PM
Execution time: 0 hours(s), 3 minute(s), and 43 seconds(s)
 



#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:27 PM

Posted 30 December 2014 - 04:48 PM

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


p22002970.gif Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 Michirin

Michirin
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 31 December 2014 - 05:30 AM

FIRST LOG

 

# AdwCleaner v4.106 - Report created 31/12/2014 at 15:10:38
# Updated 21/12/2014 by Xplode
# Database : 2014-12-30.1 [Live]
# Operating System : Windows 7 Home Basic Service Pack 1 (64 bits)
# Username : Meynard - MEYNARD-PC
# Running from : C:\Users\Meynard\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\Program Files (x86)\SiteLookup
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Users\Meynard\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Meynard\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Meynard\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Meynard\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Meynard\AppData\Roaming\mystartsearch
Folder Deleted : C:\Users\Meynard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
File Deleted : C:\END
File Deleted : C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\074dj3o6.default\user.js
File Deleted : C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Users\Meynard\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : BitGuard
Task Deleted : WSE_Astromenda

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\d
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\532888de76db949
Key Deleted : HKLM\SOFTWARE\532888de76db949
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : HKCU\Software\Astromenda
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Delta
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v34.0.5 (x86 en-US)

[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.FirstTime", "true");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.FirstTimeFF3", "true");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.UserID", "UN41268449741081731");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.addressBarTakeOverEnabledInHidden", "true");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.appOptions", "{\"130064539390245153\":{\"render\":true,\"disabled\":true,\"appGuid\":\"\",\"appClientGuid\":\"\",\"isPersonalApp\":false}}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.countryCode", "PH");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.defaultSearch", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.embeddedsData", "[{\"appId\":\"130064539389933152\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.enableAlerts", "true");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.enableSearchFromAddressBar", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.firstTimeDialogOpened", "true");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.fixPageNotFoundError", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.fixPageNotFoundErrorByUser", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.fixPageNotFoundErrorInHidden", "true");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.fullUserID", "UN41268449741081731.IN.20140128200422");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.installType", "conduitnsisintegration");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.isCheckedStartAsHidden", true);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.isFirstTimeToolbarLoading", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3289075&octid=CT3289075&SearchSource=15&CUI=UN41268449741081731&SSPV=&Lay=1&UM=1\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.lastVersion", "10.23.0.722");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"memorable scene\",\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fwww.facebook.com%2F8FactAnime\",\"EB_MAIN_FRAME_TITLE\":\"8fact%20Anime\",\"[...]
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.openThankYouPage", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.openUninstallPage", "true");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.revertSettingsEnabled", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.search.searchAppId", "130064539389933152");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.search.searchCount", "0");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.searchInNewTabEnabledByUser", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.searchInNewTabEnabledInHidden", "true");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.searchSuggestEnabledByUser", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.searchUninstallUserMode", "1");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.searchUserMode", "1");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3289075\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv6.OurToolbar.com//xpi\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v6 \"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_Configuration_lastUpdate", "1390988757700");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1390978777046");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_appsMetadata_lastUpdate", "1390978775212");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1390978776723");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_login_10.23.0.722_lastUpdate", "1390993182465");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1390978777341");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_searchAPI_lastUpdate", "1390988758181");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_serviceMap_lastUpdate", "1390988756797");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_setupAPI_lastUpdate", "1390988757308");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_toolbarContextMenu_lastUpdate", "1390978775231");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_toolbarSettings_lastUpdate", "1391000369116");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.serviceLayer_services_translation_lastUpdate", "1390978778784");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.settingsINI", true);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.shouldFirstTimeDialog", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.showToolbarPermission", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.smartbar.CTID", "CT3289075");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.smartbar.Uninstall", "0");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.smartbar.toolbarName", "uTorrentControl_v6 ");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.startPage", "false");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.toolbarBornServerTime", "29-1-2014");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.toolbarCurrentServerTime", "29-1-2014");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.toolbarInstallDate", "29-01-2014 14:59:20");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075.toolbarLoginClientTime", "Wed Jan 29 2014 14:59:38 GMT+0800 (China Standard Time)");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("CT3289075_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1390998609288,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("browser.search.hiddenOneOffs", "mystartsearch");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Delta Search");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("smartbar.machineId", "I+KSMVNSKEQUJQFN2LHIM73LONTFHERZ5L2T6TM0CN+PEO0ULAQIIPGQXUBLRW0HXR8TBKFWYVHVNFVCZ2AJUA");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E+x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E+x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E,x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E,x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E-x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E-x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E.:2z527", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E.:2z527.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E.x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E.x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E/x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E/x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E06CG5EL8:", "6E6D68726A6D6D6E7072");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E06CG5EL8:.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E78707373747678242F4B49474F42357D5D5C3D");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E06CG5EL;8I:K.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E0x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E0x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E1x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E1x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E2x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E2x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E3x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E3x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E4x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E4x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E5x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E5x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E6x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E6x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E7x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E7x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E8x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E8x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E9x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E9x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E:x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E:x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E;x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E;x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E<x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E<x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E=x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E=x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E>x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E>x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E?x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E?x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E@x305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7E@x305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7EAx305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7EAx305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7EBE3G=;D9N9=D.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7EBx305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7EBx305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7ECx305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7ECx305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7EDx305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7EDx305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7Etx305", "2423");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B+7Etx305.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B-0?3G>D", "396969716A74416D7A71447979207A4A207C254E2425532A2153582A2B585A592A2B2B5E");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B-0?3G>D.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B-0?3G@6:5;", "");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B-0?3G@6:5;.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B-0?3GFA7EF", "2B2E2C3D");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B-0?3GFA7EF.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B-3=3ECCJA=F>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D57695D5D686365533C70766C66755E");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B-3=3ECCJA=F>.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B/>01=9A6K6<IM;KRIE@PDAWM", "6E6A68707374757677");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B3=>@44I48?.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B5BA==9CJAG", "66683C3F406D416F7A42767279774A7D7878217952");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B5BA==9CJAG.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B6B11G4C56B>F;P;ANR@P", "6E6D68726A6D6D6D7574707377");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B6B11G4C56B>F;P;ANR@P.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B9643G3/9E", "6A");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B9643G3/9E.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B;45>:BI9I7IE", "2B2E2C3D");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B;45>:BI9I7IE.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B<:222H64<", "393F352F3E");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B<:222H64<.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B<:222H64<L8DAJ", "6D70706E76747479756F2A7A74727D7D75207B");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B<:222H64<L8DAJ.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B=+03EH8H8J?:", "4443");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B=+03EH8H8J?:.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B?+E2A52D8.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B?B0D:8AJ62<H", "6D");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9B?B0D:8AJ62<H.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9BA@0<0BI6A7GN:6@L?", "6C");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075./9BA@0<0BI6A7GN:6@L?.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.PG_ENABLE", "74727565");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.PG_ENABLE.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.SF_JUST_INSTALLED", "46414C5345");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.SF_JUST_INSTALLED.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.SF_STATUS", "454E41424C4544");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.SF_STATUS.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.SF_USER_ID", "6369645F32393132303134313538333736363631383235");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.SF_USER_ID.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075._key_cl_active", "34643666383536662D303838312D343166662D626635312D663931323934613631346634");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075._key_cl_active.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.cb_experience_000", "37");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.cb_experience_000.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.cb_user_id_000", "43423932343639373036383335385F313339303938343232393535315F46697265666F78");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.cb_user_id_000.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.cbfirsttime", "576564204A616E20323920323031342031353A30383A333020474D542B3038303020284368696E61205374616E646172642054696D6529");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.cbfirsttime.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appStateReportTime", "31333930393933313839363939");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appStateReportTime.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_Clarity_Active", "6F6E");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_Clarity_Active.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_CouponBuddy", "6F6E");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_CouponBuddy.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_Easytobook", "6F6E");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_Easytobook.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_Easytobook_targeted", "6F6E");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_Easytobook_targeted.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_PriceGong", "6F6E");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_PriceGong.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_WindowShopper", "6F6E");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appState_WindowShopper.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appsConfig.storedInFile", true);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appsDefaultEnabled", "74727565");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_appsDefaultEnabled.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_calledSetupService", "31");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_calledSetupService.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_currentVersion", "312E31322E302E35");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_currentVersion.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_eventsCache", "7B2237313537323266362D633438372D343535322D383935362D313632346434646462643130223A7B22746F706963223A2273656E645573616765222C2264617461223A7B226361746[...]
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_eventsCache.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_existingUsersRecoveryDone", "31");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_existingUsersRecoveryDone.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_first_time", "31");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_first_time.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_gadgetOpen", "30");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_gadgetOpen.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_lastLoginTime", "31333930393933313934373433");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_lastLoginTime.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_localization.storedInFile", true);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_mamEnabled", "66616C7365");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_mamEnabled.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_migrated_from_ls", "31");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_migrated_from_ls.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_new_welcome_experience", "31");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_new_welcome_experience.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_settings1.12.0.5.storedInFile", true);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_showWelcomeGadget", "74727565");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_showWelcomeGadget.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_stamp", "38345F30");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_stamp.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_userId", "64336133313732612D656465662D343466662D396438382D323939633966373131623734");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_userId.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_user_approval_interacted", "31");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_user_approval_interacted.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_welcomeDialogMode", "31");
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.mam_gk_welcomeDialogMode.storedInFile", false);
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3A3A3A636C69636B68616E646C65723A3A3A313339303937393332303039352C2C2C68747470733A2F2F7777772E676F6F676C652E[...]
[074dj3o6.default\prefs.js] - Line Deleted : user_pref("valueApps.CT3289075.url_history0001.storedInFile", true);

-\\ Google Chrome v

[C:\Users\Meynard\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://astromenda.com/?results.php?&q={searchTerms}&f=4&a=ast_ir_14_50_ff&cd=2XzuyEtN2Y1L1QzutDtDtCzy0D0BtBzy0FtC0FtD0C0A0EzztN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0DyBtD0ByDzz0DtGzztBzzzytG0AyBtAzztG0DtC0E0BtGyBzztB0B0ByDtAtAyD0F0D0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBzyyBtAtAzztByBtGzy0A0FtCtGtByCtD0AtGtCyEtAyCtGyE0BtDtA0A0FtB0DzyyD0ByE2Q&cr=1962842435&ir=
[C:\Users\Meynard\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=PH&userid=a4a4b97e-7ba1-45df-a536-07edfce87f38&searchtype=ds&q={searchTerms}&installDate=20/09/2013
[C:\Users\Meynard\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=84FD0019DB29F1F0
[C:\Users\Meynard\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1419598910&from=amt&uid=ST380215AS_9RW4SMEXXXXX9RW4SMEX&q={searchTerms}
[C:\Users\Meynard\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1419598910&from=amt&uid=ST380215AS_9RW4SMEXXXXX9RW4SMEX&q={searchTerms}

*************************

AdwCleaner[R0].txt - [35316 octets] - [31/12/2014 15:06:31]
AdwCleaner[S0].txt - [37392 octets] - [31/12/2014 15:10:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [37453 octets] ##########
 



#12 Michirin

Michirin
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 31 December 2014 - 05:32 AM

SECOND LOG

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Basic x64
Ran by Meynard on 12/31/2014 Wed at 15:25:25.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted the following from C:\Users\Meynard\AppData\Roaming\mozilla\firefox\profiles\074dj3o6.default\prefs.js

user_pref("valueApps.storage.mam_gk_userId", "64336133313732612D656465662D343466662D396438382D323939633966373131623734");
Emptied folder: C:\Users\Meynard\AppData\Roaming\mozilla\firefox\profiles\074dj3o6.default\minidumps [103 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/31/2014 Wed at 15:36:01.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 



#13 Michirin

Michirin
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 31 December 2014 - 05:33 AM

FINAL LOG

 

2014-12-31 08:00:15.157    Sophos Virus Removal Tool version 2.5.4
2014-12-31 08:00:15.157    Copyright © 2009-2014 Sophos Limited. All rights reserved.

2014-12-31 08:00:15.157    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2014-12-31 08:00:15.157    Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
2014-12-31 08:00:15.157    Checking for updates...
2014-12-31 08:00:19.189    Update progress: proxy server not available
2014-12-31 08:00:28.300    Option all = no
2014-12-31 08:00:28.300    Option recurse = yes
2014-12-31 08:00:28.300    Option archive = no
2014-12-31 08:00:28.300    Option service = yes
2014-12-31 08:00:28.300    Option confirm = yes
2014-12-31 08:00:28.300    Option sxl = yes
2014-12-31 08:00:28.300    Option max-data-age = 35
2014-12-31 08:00:28.300    Option EnableSafeClean = yes
2014-12-31 08:00:30.050    Option vdl-logging = yes
2014-12-31 08:00:30.144    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2014-12-31 08:00:30.144    Machine ID:    1a933017052846059d8467a0fb51fe45
2014-12-31 08:00:30.144    Component SVRTcli.exe version 2.5.4
2014-12-31 08:00:30.144    Component control.dll version 2.5.4
2014-12-31 08:00:30.144    Component SVRTservice.exe version 2.5.4
2014-12-31 08:00:30.144    Component engine\osdp.dll version 1.44.1.2183
2014-12-31 08:00:30.144    Component engine\veex.dll version 3.58.3.2183
2014-12-31 08:00:30.144    Component engine\savi.dll version 8.1.5.2183
2014-12-31 08:00:30.144    Component rkdisk.dll version 1.5.30.0
2014-12-31 08:00:30.144    Version info:    Product version    2.5.4
2014-12-31 08:00:30.144    Version info:    Detection engine    3.58.3
2014-12-31 08:00:30.144    Version info:    Detection data    5.08
2014-12-31 08:00:30.144    Version info:    Build date    2014/11/11
2014-12-31 08:00:30.144    Version info:    Data files added    487
2014-12-31 08:00:30.144    Version info:    Last successful update    (not yet updated)
2014-12-31 08:02:35.039    Downloading updates...
2014-12-31 08:02:35.039    Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2014-12-31 08:02:35.039    Update progress: [I49502] Found supplement SAVIW32 LATEST
2014-12-31 08:02:35.039    Update progress: [I49502] Found supplement IDE509 LATEST
2014-12-31 08:02:35.039    Update progress: [I49502] Found supplement IDE510 LATEST
2014-12-31 08:02:35.039    Update progress: [I49502] Found supplement IDE511 LATEST
2014-12-31 08:02:35.039    Update progress: [I49502] Found supplement IDE512 LATEST
2014-12-31 08:02:35.039    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2014-12-31 08:02:35.039    Update progress: [I19463] Syncing product SAVIW32 48
2014-12-31 08:03:09.771    Update progress: [I19463] Syncing product IDE509 177
2014-12-31 08:03:38.211    Installing updates...
2014-12-31 08:03:39.227    Error level 1
2014-12-31 08:03:39.399    Update progress: [I19463] Syncing product IDE510 179
2014-12-31 08:03:39.399    Update progress: [I19463] Syncing product IDE511 134
2014-12-31 08:03:39.399    Update progress: [I19463] Syncing product IDE512 1
2014-12-31 08:03:55.378    Update successful
2014-12-31 08:04:09.865    Option all = no
2014-12-31 08:04:09.865    Option recurse = yes
2014-12-31 08:04:09.865    Option archive = no
2014-12-31 08:04:09.865    Option service = yes
2014-12-31 08:04:09.865    Option confirm = yes
2014-12-31 08:04:09.865    Option sxl = yes
2014-12-31 08:04:09.880    Option max-data-age = 35
2014-12-31 08:04:09.880    Option EnableSafeClean = yes
2014-12-31 08:04:10.037    Option vdl-logging = yes
2014-12-31 08:04:10.052    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2014-12-31 08:04:10.052    Machine ID:    1a933017052846059d8467a0fb51fe45
2014-12-31 08:04:10.052    Component SVRTcli.exe version 2.5.4
2014-12-31 08:04:10.052    Component control.dll version 2.5.4
2014-12-31 08:04:10.052    Component SVRTservice.exe version 2.5.4
2014-12-31 08:04:10.052    Component engine\osdp.dll version 1.44.1.2183
2014-12-31 08:04:10.052    Component engine\veex.dll version 3.58.3.2183
2014-12-31 08:04:10.052    Component engine\savi.dll version 8.1.5.2183
2014-12-31 08:04:10.052    Component rkdisk.dll version 1.5.30.0
2014-12-31 08:04:10.052    Version info:    Product version    2.5.4
2014-12-31 08:04:10.052    Version info:    Detection engine    3.58.3
2014-12-31 08:04:10.052    Version info:    Detection data    5.08G
2014-12-31 08:04:10.052    Version info:    Build date    2014/11/11
2014-12-31 08:04:10.052    Version info:    Data files added    487
2014-12-31 08:04:10.052    Version info:    Last successful update    2014/12/31 16:03:55

2014-12-31 09:22:09.855    Could not open C:\Boot\BCD
2014-12-31 09:22:12.982    Could not open C:\hiberfil.sys
2014-12-31 09:37:27.911    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-31 09:37:27.911    Could not open C:\System Volume Information\{70e35811-90bc-11e4-be17-0019db29f1f0}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-12-31 09:38:04.749    >>> Virus 'Troj/Inject-BFS' found in file C:\Users\Meynard\AppData\Local\587109dsisetup5962961.exe
2014-12-31 09:38:04.749    >>> Virus 'Troj/Inject-BFS' found in file HKU\S-1-5-21-1943401559-2002157773-1054815444-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2014-12-31 09:38:04.749    >>> Virus 'Troj/Inject-BFS' found in file HKU\S-1-5-21-1943401559-2002157773-1054815444-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2014-12-31 09:51:58.219    Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2014-12-31 09:51:58.235    Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2014-12-31 09:52:04.485    Could not open C:\Windows\System32\config\RegBack\DEFAULT
2014-12-31 09:52:04.532    Could not open C:\Windows\System32\config\RegBack\SAM
2014-12-31 09:52:04.532    Could not open C:\Windows\System32\config\RegBack\SECURITY
2014-12-31 09:52:04.547    Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2014-12-31 09:52:04.547    Could not open C:\Windows\System32\config\RegBack\SYSTEM
2014-12-31 10:20:00.076    Could not open LOGICAL:0004:00000000
2014-12-31 10:20:00.091    Could not open E:\
2014-12-31 10:20:00.107    Could not open LOGICAL:0005:00000000
2014-12-31 10:20:00.123    Could not open F:\
2014-12-31 10:20:00.138    Could not open LOGICAL:0006:00000000
2014-12-31 10:20:00.154    Could not open G:\
2014-12-31 10:20:00.357    Could not open PHYSICAL:0081:0000:0000:0001
2014-12-31 10:20:00.373    Could not open PHYSICAL:0082:0000:0000:0001
2014-12-31 10:20:00.373    Could not open PHYSICAL:0083:0000:0000:0001
2014-12-31 10:20:00.733    The following items will be cleaned up:
2014-12-31 10:20:00.733    Troj/Inject-BFS
 



#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:27 PM

Posted 31 December 2014 - 04:50 PM

How is computer doing?

 

Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 Michirin

Michirin
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Philippines
  • Local time:09:27 AM

Posted 01 January 2015 - 05:17 AM

Update done.

 

Whenever I open the computer, the IE still shows up on task manager but it doesn't show up anymore when I end it. It just shows up again when I open/restart the computer.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users