Cleaned my computer, now the performance is poor


17 replies to this topic

#1 bjohnson1982

bjohnson1982

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:09:23 PM

Posted 29 March 2015 - 01:35 AM

Hi,

I have a Toshiba Satellite L675 running Windows 7 Home. I recently attempted to take apart my computer and clean it. Now that I've put it back together it's running poorly. While browsing the internet it freezes quickly. It seems to get overwhelmed quickly. When it's not, it runs fine. It doesn't run slow all the time. When I was taking it apart I did remove the memory. I'm wondering if in the process of taking some of the hardware apart I may have damaged something or when removing the memory or reinstalling it I did something incorrectly. Any tips or guidance is greatly appreciated. Thank you.




#2 hamluis

hamluis

    Moderator


  • Moderator
  • 54,863 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:23 PM

Posted 29 March 2015 - 01:24 PM

Please download MiniToolBox, save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792, taking care to post the link of the snapshot in your next post.
 
Louis



#3 bjohnson1982

bjohnson1982
  • Topic Starter

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:09:23 PM

Posted 29 March 2015 - 04:14 PM

Thank you for your time and assistance:

MiniToolBox:

 

MiniToolBox by Farbar  Version: 09-03-2015
Ran by Beejous (administrator) on 29-03-2015 at 16:07:39
Running from "C:\Users\Beejous\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Satellite L675 Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/29/2015 08:08:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12075

Error: (03/29/2015 08:08:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12075

Error: (03/29/2015 02:10:35 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/29/2015 01:06:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1987234

Error: (03/29/2015 01:06:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1987234

Error: (03/29/2015 01:06:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/29/2015 01:06:21 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1986220

Error: (03/29/2015 01:06:21 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1986220

Error: (03/29/2015 01:06:21 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/29/2015 01:06:20 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1985175


System errors:
=============
Error: (03/29/2015 08:08:08 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (03/27/2015 05:57:37 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (03/27/2015 05:54:58 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (03/27/2015 05:52:59 PM) (Source: DCOM) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}

Error: (03/27/2015 04:06:38 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (03/26/2015 00:49:55 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (03/26/2015 00:05:26 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (03/26/2015 00:05:02 PM) (Source: Application Popup) (User: )
Description: There was error [DATABASE OPEN FAILED] processing the driver database.

Error: (03/26/2015 00:01:57 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (03/22/2015 00:14:00 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-11-27 22:24:47.594
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-27 22:24:47.500
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-27 22:24:47.407
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-27 22:24:47.297
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-19 09:28:30.625
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Beejous\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-19 09:28:30.567
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Beejous\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-08 06:56:47.744
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-08 06:56:47.697
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-08 06:56:47.666
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-08 06:56:47.619
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.6 (HKLM-x32\...\{FF2A5498-4EFE-430F-A138-7EB365DBEBAD}) (Version: 11.6.1.629 - Adobe Systems, Inc)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1998142702.48.56.37162218 - Audible, Inc.)
AVG 2012 (HKLM\...\AVG) (Version: 2012.0.1809 - AVG Technologies)
AVG 2012 (Version: 12.0.1809 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2085 - AVG Technologies) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
COTM Reminder by We-Care.com v4.1.24.2 (HKLM-x32\...\{0228288D-975E-42F7-9993-E91A82E6BBD9}) (Version: 4.1.24.2 - We-Care.com)
Cypherix LE 10 (HKLM-x32\...\cyple10_is1) (Version: 10 - Cypherix Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.15 - DivX, LLC)
DJ_AIO_05_F4400_Software_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
emWave2 (HKLM-x32\...\emWave22.2.5.4848) (Version: 2.2.5.4848 - Quantum Intech, Inc.)
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
F2400 (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
F4400 (x32 Version: 140.0.696.000 - Hewlett-Packard) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.82 - WildTangent) Hidden
FTDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - FTDownloader.com)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}) (Version: 13.0 - HP)
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (HKLM\...\{A800FCC9-8E1E-4D84-9CED-47870701FDE1}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.290 - Oracle)
Java™ 7 Update 4 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217004FF}) (Version: 7.0.40 - Oracle)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 2.0.181.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.2.90.0 - NortonLive Services)
OpenOffice.org 3.2 (HKLM-x32\...\{5A13987D-55F4-4271-A40E-76AC9B1B38FD}) (Version: 3.2.9502 - OpenOffice.org)
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Quickbooks Financial Center (HKLM-x32\...\{3B843B38-04B1-4CE6-8888-586273E0F289}) (Version: 2.02 - TOSHIBA Corporation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
R for Windows 3.0.2 (HKLM\...\R for Windows 3.0.2_is1) (Version: 3.0.2 - R Core Team)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0012 - Realtek)
Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
Safari (HKLM-x32\...\{6D172D0A-B9F1-4046-AFAB-8599288545BF}) (Version: 5.34.55.3 - Apple Inc.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Secunia PSI (2.0.0.4002) (HKLM-x32\...\Secunia PSI) (Version:  - )
Shred 1.06 (HKLM-x32\...\Shred_is1) (Version:  - AcmeBarGig Inc.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 1.0.2.6.g9977a14b - Spotify AB)
SpywareBlaster 4.6 (HKLM-x32\...\SpywareBlaster_is1) (Version: 4.6.0 - Javacool Software LLC)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
The Weather Channel Desktop 6 (HKLM-x32\...\The Weather Channel Desktop 6) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.0 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.07.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.2.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA eco Utility (x32 Version: 1.2.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.6C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.21C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (x32 Version: 1.63.0.21C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.3.198 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.10 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.38 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.6.06.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Supervisor Password (x32 Version: 1.63.0.9C - TOSHIBA CORPORATION) Hidden
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 1.9.2 - Tweaking.com)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Veetle TV 0.9.17 (HKLM-x32\...\Veetle TV) (Version: 0.9.17 - Veetle, Inc)
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WebEx (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - WebEx Communications, Inc)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.80 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPatrol (HKLM\...\{302A1E2E-DD58-4673-BC99-9CC10EC2637A}) (Version: 24.5.2012 - BillP Studios)
WinRAR 4.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.1 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 83%
Total physical RAM: 1906.67 MB
Available physical RAM: 316.21 MB
Total Pagefile: 5011.34 MB
Available Pagefile: 2559.5 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.55 MB

========================= Partitions: =====================================

1 Drive c: (TI105837W0G) (Fixed) (Total:454.17 GB) (Free:307.16 GB) NTFS

========================= Users: ========================================

User accounts for \\BRIANS-PC

Administrator            Beejous                  Guest                    


**** End of log ****
 

 

Speccy:

http://speccy.piriform.com/results/2A0ZytCPyPVPwhoOnEciEzC



#4 hamluis


Posted 29 March 2015 - 05:01 PM

Thanks :).

 

You say that you took the system "apart"...exactly what did you do, considering that this is a laptop?  Are you experienced at disassembling laptops?

 

I would expect any system running Win 64-bit with 2GB of RAM...to be slow, depending on svchost processes and other programs running.  There is one svchost process which used approx half of your installed RAM...which is not the way things are supposed to happen.

 

The firewall and your AV are disabled...signature events indicating possible malware, IMO.

 

No critical hotfixes installed since Aug 2014.

 

Topic moved to Am I Infected for a look.

 

Louis



#5 boopme


Posted 29 March 2015 - 09:33 PM

Hello and looks like we need to run several tools here.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.exe icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Malwarebytes Anti-Malware
  • Download MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.

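One way a helper might triage the MiniToolBox Result.txt that the steps above produce (an added example, not part of the original post and not MiniToolBox's own code): it splits the log into its `=====` sections and flags high memory use, Winsock `ATTENTION` notes, Winsock providers outside the Windows directory, and terminated services. The sample text is assembled from log lines posted in this thread; the 80% threshold and the rule that an `ATTENTION` note belongs to the entry printed just above it are assumptions.

```python
import re
from collections import defaultdict

# Section banners look like "===== Winsock entries =====" (trailing colon optional).
SECTION_RE = re.compile(r"^=+\s*([^=]+?)\s*:?\s*=+\s*$")
WINSOCK_RE = re.compile(
    r"^(?P<id>(?:x64-)?Catalog\d+ \d+) (?P<path>.+?) \[\d+\] \((?P<vendor>.*)\)$"
)
ERROR_RE = re.compile(r"^Error: \((?P<when>[^)]*)\) \(Source: (?P<source>[^)]*)\)")
MEM_RE = re.compile(r"^Percentage of memory in use:\s*(\d+)%")

# Sample assembled from log lines posted in this thread (not a complete Result.txt).
SAMPLE_RESULT = r"""
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

========================= Event log errors: ===============================

System errors:
=============
Error: (03/27/2015 05:57:37 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (03/29/2015 08:08:08 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

========================= Memory info: ===================================

Percentage of memory in use: 83%
Total physical RAM: 1906.67 MB
Available physical RAM: 316.21 MB
"""


def split_sections(text):
    """Map lower-cased section name -> non-blank lines under that banner."""
    sections = defaultdict(list)
    current = None
    for line in text.splitlines():
        banner = SECTION_RE.match(line)
        if banner:
            current = banner.group(1).strip().lower()
        elif current is not None and line.strip():
            sections[current].append(line.rstrip())
    return sections


def triage(text, mem_threshold=80):
    """Return (category, detail) findings; mem_threshold is an assumed cut-off."""
    sections = split_sections(text)
    findings = []

    for line in sections.get("memory info", []):
        m = MEM_RE.match(line)
        if m and int(m.group(1)) >= mem_threshold:
            findings.append(("memory", f"{m.group(1)}% of physical RAM in use"))

    last_id = None
    for line in sections.get("winsock entries", []):
        m = WINSOCK_RE.match(line)
        if m:
            last_id = m.group("id")
            # Providers loaded from outside the Windows directory are listed for review.
            if "\\windows\\" not in m.group("path").lower():
                findings.append(("winsock-third-party",
                                 f"{last_id}: {m.group('path')} ({m.group('vendor')})"))
        elif line.startswith("ATTENTION:"):
            # Assumption: the note refers to the entry printed just above it.
            findings.append(("winsock-note", f"{last_id}: {line}"))

    pending = None  # last "Error:" header still waiting for its Description line
    for line in sections.get("event log errors", []):
        m = ERROR_RE.match(line)
        if m:
            pending = m
        elif line.startswith("Description:") and pending:
            desc = line[len("Description:"):].strip()
            if "service terminated" in desc:
                findings.append(("service-terminated",
                                 f"{pending.group('when')} {pending.group('source')}: {desc}"))
            pending = None
    return findings


if __name__ == "__main__":
    for category, detail in triage(SAMPLE_RESULT):
        print(f"[{category}] {detail}")
```

A third-party Winsock provider such as Bonjour is listed for review, not as a verdict; the repeated security-service terminations and the `ATTENTION` note are the entries worth a closer look.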

#6 bjohnson1982


Posted 30 March 2015 - 11:15 AM

I apologize, but I'm going to post these in a series of replies:

Here's the MiniToolBox and TDSSKiller

 

MiniToolBox:

MiniToolBox by Farbar  Version: 09-03-2015
Ran by Beejous (administrator) on 30-03-2015 at 10:53:43
Running from "C:\Users\Beejous\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Satellite L675 Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Brians-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : austin.rr.com

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9
   Physical Address. . . . . . . . . : 00-FF-62-37-98-35
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-26-4D-CB-BC-63
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : austin.rr.com
   Description . . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 00-26-4D-CB-BC-63
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b80d:9dc2:cee5:8051%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.106(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, March 28, 2015 8:22:27 PM
   Lease Expires . . . . . . . . . . : Tuesday, March 31, 2015 10:42:36 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 318776909
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-AE-4F-EE-88-AE-1D-47-B9-C1
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : sstx.org
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 88-AE-1D-47-B9-C1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{62379835-174E-4A68-AA97-6D81F56CCFEE}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:2ca7:409:3f57:fe95(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2ca7:409:3f57:fe95%25(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{1A58FB2D-F71C-480F-958B-63B0A2629EB2}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.sstx.org:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.austin.rr.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : austin.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:4000:807::1000
      173.194.115.9
      173.194.115.0
      173.194.115.4
      173.194.115.1
      173.194.115.2
      173.194.115.7
      173.194.115.6
      173.194.115.14
      173.194.115.8
      173.194.115.3
      173.194.115.5


Pinging google.com [216.58.218.174] with 32 bytes of data:
Reply from 216.58.218.174: bytes=32 time=22ms TTL=53
Reply from 216.58.218.174: bytes=32 time=16ms TTL=53

Ping statistics for 216.58.218.174:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 16ms, Maximum = 22ms, Average = 19ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=62ms TTL=46
Reply from 206.190.36.45: bytes=32 time=67ms TTL=46

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 62ms, Maximum = 67ms, Average = 64ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 23...00 ff 62 37 98 35 ......TAP-Win32 Adapter V9
 14...00 26 4d cb bc 63 ......Microsoft Virtual WiFi Miniport Adapter
 11...00 26 4d cb bc 63 ......Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
 10...88 ae 1d 47 b9 c1 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 25...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.106     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.106    286
    192.168.1.106  255.255.255.255         On-link     192.168.1.106    286
    192.168.1.255  255.255.255.255         On-link     192.168.1.106    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.106    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.106    286
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 25     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 25     58 2001::/32                On-link
 25    306 2001:0:9d38:90d7:2ca7:409:3f57:fe95/128
                                    On-link
 11    286 fe80::/64                On-link
 25    306 fe80::/64                On-link
 25    306 fe80::2ca7:409:3f57:fe95/128
                                    On-link
 11    286 fe80::b80d:9dc2:cee5:8051/128
                                    On-link
  1    306 ff00::/8                 On-link
 25    306 ff00::/8                 On-link
 11    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/30/2015 10:42:34 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 36670234

Error: (03/30/2015 10:42:34 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 36670234

Error: (03/30/2015 10:42:34 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/30/2015 10:42:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 36668986

Error: (03/30/2015 10:42:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 36668986

Error: (03/30/2015 10:42:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/30/2015 10:42:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 36667738

Error: (03/30/2015 10:42:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 36667738

Error: (03/30/2015 10:42:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/30/2015 00:31:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17597


System errors:
=============
Error: (03/29/2015 04:13:04 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%5

Error: (03/29/2015 04:13:03 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%5

Error: (03/29/2015 04:13:04 PM) (Source: PNRPSvc) (User: )
Description: 0x80070005

Error: (03/29/2015 04:13:02 PM) (Source: PNRPSvc) (User: )
Description: 0x80070005

Error: (03/29/2015 08:08:08 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (03/27/2015 05:57:37 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (03/27/2015 05:54:58 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (03/27/2015 05:52:59 PM) (Source: DCOM) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}

Error: (03/27/2015 04:06:38 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (03/26/2015 00:49:55 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-11-27 22:24:47.594
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-27 22:24:47.500
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-27 22:24:47.407
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-27 22:24:47.297
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-19 09:28:30.625
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Beejous\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-19 09:28:30.567
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Beejous\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-08 06:56:47.744
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-08 06:56:47.697
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-08 06:56:47.666
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-08 06:56:47.619
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.6 (HKLM-x32\...\{FF2A5498-4EFE-430F-A138-7EB365DBEBAD}) (Version: 11.6.1.629 - Adobe Systems, Inc)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1998142702.48.56.37162218 - Audible, Inc.)
AVG 2012 (HKLM\...\AVG) (Version: 2012.0.1809 - AVG Technologies)
AVG 2012 (Version: 12.0.1809 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2085 - AVG Technologies) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
COTM Reminder by We-Care.com v4.1.24.2 (HKLM-x32\...\{0228288D-975E-42F7-9993-E91A82E6BBD9}) (Version: 4.1.24.2 - We-Care.com)
Cypherix LE 10 (HKLM-x32\...\cyple10_is1) (Version: 10 - Cypherix Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.15 - DivX, LLC)
DJ_AIO_05_F4400_Software_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
emWave2 (HKLM-x32\...\emWave22.2.5.4848) (Version: 2.2.5.4848 - Quantum Intech, Inc.)
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
F2400 (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
F4400 (x32 Version: 140.0.696.000 - Hewlett-Packard) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.82 - WildTangent) Hidden
FTDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - FTDownloader.com)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}) (Version: 13.0 - HP)
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (HKLM\...\{A800FCC9-8E1E-4D84-9CED-47870701FDE1}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.290 - Oracle)
Java™ 7 Update 4 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217004FF}) (Version: 7.0.40 - Oracle)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 2.0.181.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.2.90.0 - NortonLive Services)
OpenOffice.org 3.2 (HKLM-x32\...\{5A13987D-55F4-4271-A40E-76AC9B1B38FD}) (Version: 3.2.9502 - OpenOffice.org)
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Quickbooks Financial Center (HKLM-x32\...\{3B843B38-04B1-4CE6-8888-586273E0F289}) (Version: 2.02 - TOSHIBA Corporation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
R for Windows 3.0.2 (HKLM\...\R for Windows 3.0.2_is1) (Version: 3.0.2 - R Core Team)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0012 - Realtek)
Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
Safari (HKLM-x32\...\{6D172D0A-B9F1-4046-AFAB-8599288545BF}) (Version: 5.34.55.3 - Apple Inc.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Secunia PSI (2.0.0.4002) (HKLM-x32\...\Secunia PSI) (Version:  - )
Shred 1.06 (HKLM-x32\...\Shred_is1) (Version:  - AcmeBarGig Inc.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version:  - )
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 1.0.2.6.g9977a14b - Spotify AB)
SpywareBlaster 4.6 (HKLM-x32\...\SpywareBlaster_is1) (Version: 4.6.0 - Javacool Software LLC)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
The Weather Channel Desktop 6 (HKLM-x32\...\The Weather Channel Desktop 6) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.0 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.07.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.2.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA eco Utility (x32 Version: 1.2.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.6C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.21C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (x32 Version: 1.63.0.21C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.3.198 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.10 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.38 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.6.06.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Supervisor Password (x32 Version: 1.63.0.9C - TOSHIBA CORPORATION) Hidden
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 1.9.2 - Tweaking.com)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Veetle TV 0.9.17 (HKLM-x32\...\Veetle TV) (Version: 0.9.17 - Veetle, Inc)
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WebEx (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - WebEx Communications, Inc)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.80 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPatrol (HKLM\...\{302A1E2E-DD58-4673-BC99-9CC10EC2637A}) (Version: 24.5.2012 - BillP Studios)
WinRAR 4.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.1 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 80%
Total physical RAM: 1906.67 MB
Available physical RAM: 364.94 MB
Total Pagefile: 5011.34 MB
Available Pagefile: 2438.26 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.57 MB

========================= Partitions: =====================================

1 Drive c: (TI105837W0G) (Fixed) (Total:454.17 GB) (Free:307.13 GB) NTFS

========================= Users: ========================================

User accounts for \\BRIANS-PC

Administrator            Beejous                  Guest                    


**** End of log ****

 

TDSSKiller:

11:08:22.0435 0x14b8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:08:36.0897 0x14b8  ============================================================
11:08:36.0897 0x14b8  Current date / time: 2015/03/30 11:08:36.0897
11:08:36.0897 0x14b8  SystemInfo:
11:08:36.0898 0x14b8  
11:08:36.0898 0x14b8  OS Version: 6.1.7601 ServicePack: 1.0
11:08:36.0898 0x14b8  Product type: Workstation
11:08:36.0898 0x14b8  ComputerName: BRIANS-PC
11:08:36.0898 0x14b8  UserName: Beejous
11:08:36.0898 0x14b8  Windows directory: C:\windows
11:08:36.0898 0x14b8  System windows directory: C:\windows
11:08:36.0898 0x14b8  Running under WOW64
11:08:36.0898 0x14b8  Processor architecture: Intel x64
11:08:36.0898 0x14b8  Number of processors: 4
11:08:36.0898 0x14b8  Page size: 0x1000
11:08:36.0898 0x14b8  Boot type: Normal boot
11:08:36.0898 0x14b8  ============================================================
11:09:06.0391 0x14b8  KLMD registered as C:\windows\system32\drivers\82179179.sys
11:09:10.0435 0x14b8  System UUID: {BF55C71E-BD00-7599-87C7-C776396D0318}
11:09:19.0477 0x14b8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:09:19.0826 0x14b8  ============================================================
11:09:19.0826 0x14b8  \Device\Harddisk0\DR0:
11:09:19.0921 0x14b8  MBR partitions:
11:09:19.0921 0x14b8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38C58000
11:09:19.0921 0x14b8  ============================================================
11:09:20.0117 0x14b8  C: <-> \Device\Harddisk0\DR0\Partition1
11:09:21.0137 0x14b8  ============================================================
11:09:21.0137 0x14b8  Initialize success
11:09:21.0137 0x14b8  ============================================================
11:09:44.0405 0x25e8  ============================================================
11:09:44.0405 0x25e8  Scan started
11:09:44.0405 0x25e8  Mode: Manual;
11:09:44.0405 0x25e8  ============================================================
11:09:44.0405 0x25e8  KSN ping started
11:10:02.0923 0x25e8  KSN ping finished: true
11:10:20.0249 0x25e8  ================ Scan system memory ========================
11:10:20.0249 0x25e8  System memory - ok
11:10:20.0249 0x25e8  ================ Scan services =============================
11:10:29.0005 0x25e8  [ 6EAD3146A0894F5EB9AD02542B1C7DE5, 585E6CE1664F7F680974CBF8D22545785F668DD7701C7103A16C414897A08A06 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
11:10:29.0311 0x25e8  AVGIDSAgent - ok
11:10:29.0376 0x25e8  [ E29EA1A0EC7AB9FA2DC7E75A03F12A4F, E2F9F0B34465FCD101C6B0AD7CB3678623D608D581FB8463D79FE14B3FF5F7B2 ] AVGIDSDriver    C:\windows\system32\DRIVERS\AVGIDSDriver.Sys
11:10:29.0381 0x25e8  AVGIDSDriver - ok
11:10:29.0415 0x25e8  [ F823D184B8E8FFB8DA3EAD45DBF5BD6A, 13CE1976B89486D94D1DE55DF79CAB16BC0B9EB3789EB83F24B4D40C6BD81A65 ] AVGIDSEH        C:\windows\system32\DRIVERS\AVGIDSEH.Sys
11:10:29.0418 0x25e8  AVGIDSEH - ok
11:10:29.0437 0x25e8  [ ED2B25BD7FE35D1944211968842D30DA, C75AF165565D44350DF32B06123BFD4962EFD8B23C1AC8E9277C2A4CC8029C2A ] AVGIDSFilter    C:\windows\system32\DRIVERS\AVGIDSFilter.Sys
11:10:29.0465 0x25e8  AVGIDSFilter - ok
11:10:29.0537 0x25e8  [ DADFCCFB036DA99FA83E7E1D29290A6C, F4AA22DCE310E52EFA5A9C8F78252A4E862328FA83A6F1125B6C8D04F39D7E38 ] Avgldx64        C:\windows\system32\DRIVERS\avgldx64.sys
11:10:29.0549 0x25e8  Avgldx64 - ok
11:10:29.0577 0x25e8  [ 36B1A5843695766EAC714DAFFC5B84D1, F31D2FC1325E358173FC5C6453A371CA11D1C70B74803D287C1B1106DDCB3D17 ] Avgmfx64        C:\windows\system32\DRIVERS\avgmfx64.sys
11:10:29.0581 0x25e8  Avgmfx64 - ok
11:10:29.0627 0x25e8  [ 5A7AA579D4FA072FB9715F8D83EB1F00, B40921F89B593C9C9A98D9644D3BEECCBDDE5EE43830DB0AEFCDEC450D12D27A ] Avgrkx64        C:\windows\system32\DRIVERS\avgrkx64.sys
11:10:29.0631 0x25e8  Avgrkx64 - ok
11:10:29.0696 0x25e8  [ 11F36D3EA82D9DB9AA05A476A210551B, 97405A703CE3A5FF4EF0C9259235BF66E5055D78D2833F19B74109A2C29ADD51 ] Avgtdia         C:\windows\system32\DRIVERS\avgtdia.sys
11:10:29.0729 0x25e8  Avgtdia - ok
11:10:29.0781 0x25e8  [ 6699ECE24FE4B3F752A66C66A602EE86, DA101B794170FE81F6865004F239898D5623E9BCA0110F83ECBCD010567C73DB ] avgwd           C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
11:10:29.0829 0x25e8  avgwd - ok
11:10:29.0909 0x25e8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
11:10:29.0944 0x25e8  AxInstSV - ok
11:10:30.0036 0x25e8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
11:10:30.0055 0x25e8  b06bdrv - ok
11:10:30.0120 0x25e8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
11:10:30.0186 0x25e8  b57nd60a - ok
11:10:30.0240 0x25e8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
11:10:30.0267 0x25e8  BDESVC - ok
11:10:30.0308 0x25e8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
11:10:30.0310 0x25e8  Beep - ok
11:10:30.0562 0x25e8  [ 299E54DB3638A18E47BD3A2D2EF499F7, 7812C8F8EDA14CC74F43979B1C7E790EE15CFE10672C5F3E077AE6C87A69C27C ] Belkin Local Backup Service C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
11:10:30.0602 0x25e8  Belkin Local Backup Service - ok
11:10:30.0671 0x25e8  [ E62A04D615A8CAC83601E1F07C010D3C, BA9E08EE979C3898DF573B61514B3EAA6E5DAAA182DA3618BFA1BD94ABDA0266 ] Belkin Network USB Helper C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
11:10:30.0700 0x25e8  Belkin Network USB Helper - ok
11:10:30.0934 0x25e8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
11:10:30.0967 0x25e8  BFE - ok
11:10:31.0169 0x25e8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
11:10:31.0260 0x25e8  BITS - ok
11:10:31.0287 0x25e8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
11:10:31.0290 0x25e8  blbdrive - ok
11:10:31.0465 0x25e8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:10:31.0480 0x25e8  Bonjour Service - ok
11:10:31.0549 0x25e8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
11:10:31.0553 0x25e8  bowser - ok
11:10:31.0609 0x25e8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
11:10:31.0610 0x25e8  BrFiltLo - ok
11:10:31.0687 0x25e8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
11:10:31.0718 0x25e8  BrFiltUp - ok
11:10:31.0799 0x25e8  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
11:10:31.0804 0x25e8  BridgeMP - ok
11:10:31.0865 0x25e8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
11:10:31.0869 0x25e8  Browser - ok
11:10:31.0969 0x25e8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
11:10:31.0983 0x25e8  Brserid - ok
11:10:32.0019 0x25e8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
11:10:32.0026 0x25e8  BrSerWdm - ok
11:10:32.0065 0x25e8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
11:10:32.0067 0x25e8  BrUsbMdm - ok
11:10:32.0081 0x25e8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
11:10:32.0083 0x25e8  BrUsbSer - ok
11:10:32.0110 0x25e8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
11:10:32.0113 0x25e8  BTHMODEM - ok
11:10:32.0172 0x25e8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
11:10:32.0176 0x25e8  bthserv - ok
11:10:32.0216 0x25e8  catchme - ok
11:10:32.0299 0x25e8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
11:10:32.0304 0x25e8  cdfs - ok
11:10:32.0379 0x25e8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\drivers\cdrom.sys
11:10:32.0386 0x25e8  cdrom - ok
11:10:32.0518 0x25e8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
11:10:32.0522 0x25e8  CertPropSvc - ok
11:10:32.0598 0x25e8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
11:10:32.0601 0x25e8  circlass - ok
11:10:32.0655 0x25e8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
11:10:32.0669 0x25e8  CLFS - ok
11:10:32.0756 0x25e8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:10:32.0844 0x25e8  clr_optimization_v2.0.50727_32 - ok
11:10:32.0894 0x25e8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:10:32.0966 0x25e8  clr_optimization_v2.0.50727_64 - ok
11:10:33.0126 0x25e8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:10:33.0348 0x25e8  clr_optimization_v4.0.30319_32 - ok
11:10:33.0386 0x25e8  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:10:33.0544 0x25e8  clr_optimization_v4.0.30319_64 - ok
11:10:33.0570 0x25e8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
11:10:33.0573 0x25e8  CmBatt - ok
11:10:33.0643 0x25e8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
11:10:33.0645 0x25e8  cmdide - ok
11:10:33.0719 0x25e8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\windows\system32\Drivers\cng.sys
11:10:33.0735 0x25e8  CNG - ok
11:10:33.0784 0x25e8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
11:10:33.0786 0x25e8  Compbatt - ok
11:10:33.0858 0x25e8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
11:10:33.0899 0x25e8  CompositeBus - ok
11:10:33.0941 0x25e8  COMSysApp - ok
11:10:33.0990 0x25e8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
11:10:33.0993 0x25e8  crcdisk - ok
11:10:34.0095 0x25e8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\windows\system32\cryptsvc.dll
11:10:34.0104 0x25e8  CryptSvc - ok
11:10:35.0685 0x25e8  [ 8AEC9C2998620CA6946B7183DAD4ACF2, 2FCC1A367B83075DE9B0FF5F413E1EAACD2A9229AF89BD4C2F7B794C1AB2EF53 ] cypherix10service C:\windows\SysWOW64\cypxsrv10.exe
11:10:35.0716 0x25e8  cypherix10service - ok
11:10:36.0311 0x25e8  [ 8F1BA5DCFE8D9CE041B606DC661B5E5A, DC10F4DECE793347CBEF6B86ED181E2095AD362ED1E98A91FCFFA4942A2C83DF ] cypxdv10        C:\windows\system32\Drivers\cypxdv10.sys
11:10:36.0319 0x25e8  cypxdv10 - ok
11:10:36.0437 0x25e8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
11:10:36.0454 0x25e8  DcomLaunch - ok
11:10:36.0494 0x25e8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
11:10:36.0506 0x25e8  defragsvc - ok
11:10:36.0587 0x25e8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
11:10:36.0625 0x25e8  DfsC - ok
11:10:36.0771 0x25e8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
11:10:36.0786 0x25e8  Dhcp - ok
11:10:36.0841 0x25e8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
11:10:36.0873 0x25e8  discache - ok
11:10:36.0969 0x25e8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\DRIVERS\disk.sys
11:10:36.0974 0x25e8  Disk - ok
11:10:37.0099 0x25e8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
11:10:37.0108 0x25e8  Dnscache - ok
11:10:37.0217 0x25e8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
11:10:37.0227 0x25e8  dot3svc - ok
11:10:37.0352 0x25e8  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\windows\system32\DRIVERS\Dot4.sys
11:10:37.0358 0x25e8  Dot4 - ok
11:10:37.0426 0x25e8  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\windows\system32\drivers\Dot4Prt.sys
11:10:37.0429 0x25e8  Dot4Print - ok
11:10:37.0449 0x25e8  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\windows\system32\DRIVERS\dot4usb.sys
11:10:37.0477 0x25e8  dot4usb - ok
11:10:37.0563 0x25e8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
11:10:37.0573 0x25e8  DPS - ok
11:10:37.0661 0x25e8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
11:10:37.0663 0x25e8  drmkaud - ok
11:10:37.0792 0x25e8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
11:10:37.0820 0x25e8  DXGKrnl - ok
11:10:37.0887 0x25e8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
11:10:37.0896 0x25e8  EapHost - ok
11:10:38.0625 0x25e8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
11:10:38.0841 0x25e8  ebdrv - ok
11:10:38.0985 0x25e8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\windows\System32\lsass.exe
11:10:38.0988 0x25e8  EFS - ok
11:10:39.0220 0x25e8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
11:10:39.0310 0x25e8  ehRecvr - ok
11:10:39.0358 0x25e8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
11:10:39.0403 0x25e8  ehSched - ok
11:10:39.0498 0x25e8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
11:10:39.0515 0x25e8  elxstor - ok
11:10:39.0565 0x25e8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
11:10:39.0606 0x25e8  ErrDev - ok
11:10:39.0682 0x25e8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
11:10:39.0701 0x25e8  EventSystem - ok
11:10:39.0760 0x25e8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
11:10:39.0771 0x25e8  exfat - ok
11:10:39.0816 0x25e8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
11:10:39.0857 0x25e8  fastfat - ok
11:10:40.0071 0x25e8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
11:10:40.0091 0x25e8  Fax - ok
11:10:40.0157 0x25e8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\DRIVERS\fdc.sys
11:10:40.0161 0x25e8  fdc - ok
11:10:40.0225 0x25e8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
11:10:40.0228 0x25e8  fdPHost - ok
11:10:40.0254 0x25e8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
11:10:40.0258 0x25e8  FDResPub - ok
11:10:40.0348 0x25e8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
11:10:40.0354 0x25e8  FileInfo - ok
11:10:40.0392 0x25e8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
11:10:40.0395 0x25e8  Filetrace - ok
11:10:40.0790 0x25e8  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:10:40.0914 0x25e8  FLEXnet Licensing Service - ok
11:10:40.0944 0x25e8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
11:10:40.0947 0x25e8  flpydisk - ok
11:10:41.0038 0x25e8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
11:10:41.0068 0x25e8  FltMgr - ok
11:10:41.0263 0x25e8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
11:10:41.0341 0x25e8  FontCache - ok
11:10:41.0466 0x25e8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:10:41.0473 0x25e8  FontCache3.0.0.0 - ok
11:10:41.0528 0x25e8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
11:10:41.0533 0x25e8  FsDepends - ok
11:10:41.0580 0x25e8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
11:10:41.0584 0x25e8  Fs_Rec - ok
11:10:41.0760 0x25e8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
11:10:41.0896 0x25e8  fvevol - ok
11:10:41.0941 0x25e8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
11:10:41.0946 0x25e8  gagp30kx - ok
11:10:42.0098 0x25e8  [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
11:10:42.0139 0x25e8  GameConsoleService - ok
11:10:42.0214 0x25e8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
11:10:42.0218 0x25e8  GEARAspiWDM - ok
11:10:42.0323 0x25e8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
11:10:42.0348 0x25e8  gpsvc - ok
11:10:42.0574 0x25e8  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:10:42.0583 0x25e8  gupdate - ok
11:10:42.0640 0x25e8  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:10:42.0648 0x25e8  gupdatem - ok
11:10:42.0701 0x25e8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
11:10:42.0704 0x25e8  hcw85cir - ok
11:10:42.0857 0x25e8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
11:10:42.0885 0x25e8  HdAudAddService - ok
11:10:42.0930 0x25e8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
11:10:42.0971 0x25e8  HDAudBus - ok
11:10:43.0026 0x25e8  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\windows\system32\DRIVERS\HECIx64.sys
11:10:43.0031 0x25e8  HECIx64 - ok
11:10:43.0086 0x25e8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
11:10:43.0090 0x25e8  HidBatt - ok
11:10:43.0134 0x25e8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
11:10:43.0142 0x25e8  HidBth - ok
11:10:43.0200 0x25e8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
11:10:43.0204 0x25e8  HidIr - ok
11:10:43.0236 0x25e8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\System32\hidserv.dll
11:10:43.0270 0x25e8  hidserv - ok
11:10:43.0347 0x25e8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
11:10:43.0671 0x25e8  HidUsb - ok
11:10:43.0728 0x25e8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
11:10:43.0734 0x25e8  hkmsvc - ok
11:10:43.0816 0x25e8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
11:10:43.0859 0x25e8  HomeGroupListener - ok
11:10:43.0943 0x25e8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
11:10:43.0952 0x25e8  HomeGroupProvider - ok
11:10:44.0095 0x25e8  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
11:10:44.0105 0x25e8  hpqcxs08 - ok
11:10:44.0164 0x25e8  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
11:10:44.0174 0x25e8  hpqddsvc - ok
11:10:44.0244 0x25e8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
11:10:44.0249 0x25e8  HpSAMD - ok
11:10:44.0361 0x25e8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
11:10:44.0384 0x25e8  HTTP - ok
11:10:44.0418 0x25e8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
11:10:44.0421 0x25e8  hwpolicy - ok
11:10:44.0495 0x25e8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
11:10:44.0504 0x25e8  i8042prt - ok
11:10:44.0681 0x25e8  [ 42E00996DFC13C46366689C0EA8ABC5E, 1C73B7FADB3209D7C1CAA75531F789B47907129E418F91F23CBE9FC68B3056E4 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
11:10:44.0698 0x25e8  iaStor - ok
11:10:44.0800 0x25e8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
11:10:44.0815 0x25e8  iaStorV - ok
11:10:45.0076 0x25e8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:10:45.0194 0x25e8  idsvc - ok
11:10:46.0773 0x25e8  [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
11:10:47.0296 0x25e8  igfx - ok
11:10:47.0420 0x25e8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
11:10:47.0425 0x25e8  iirsp - ok
11:10:47.0538 0x25e8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
11:10:47.0563 0x25e8  IKEEXT - ok
11:10:47.0609 0x25e8  [ 4B6363CD4610BB848531BB260B15DFCC, 13A8AA9571497086341AC00797EFF212FF76EE62F9CFF758D3C08B377EC7BF04 ] Impcd           C:\windows\system32\DRIVERS\Impcd.sys
11:10:47.0621 0x25e8  Impcd - ok
11:10:47.0967 0x25e8  [ 490947A9AFF7CA31EF2E08F5776105EB, C817D60DBA6B276AD4EF2E0FDF5547F152294AFEF6264C28B8F4DC20B3A85515 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
11:10:48.0158 0x25e8  IntcAzAudAddService - ok
11:10:48.0191 0x25e8  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
11:10:48.0200 0x25e8  IntcDAud - ok
11:10:48.0246 0x25e8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
11:10:48.0248 0x25e8  intelide - ok
11:10:48.0309 0x25e8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
11:10:48.0313 0x25e8  intelppm - ok
11:10:48.0378 0x25e8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
11:10:48.0388 0x25e8  IPBusEnum - ok
11:10:48.0444 0x25e8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
11:10:48.0452 0x25e8  IpFilterDriver - ok
11:10:48.0569 0x25e8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
11:10:48.0594 0x25e8  iphlpsvc - ok
11:10:48.0638 0x25e8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
11:10:48.0641 0x25e8  IPMIDRV - ok
11:10:48.0704 0x25e8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
11:10:48.0713 0x25e8  IPNAT - ok
11:11:06.0122 0x25e8  spldr - ok
11:11:06.0318 0x25e8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
11:11:06.0362 0x25e8  Spooler - ok
11:11:06.0685 0x25e8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
11:11:06.0869 0x25e8  sppsvc - ok
11:11:06.0940 0x25e8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
11:11:06.0949 0x25e8  sppuinotify - ok
11:11:07.0083 0x25e8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
11:11:07.0099 0x25e8  srv - ok
11:11:07.0219 0x25e8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
11:11:07.0243 0x25e8  srv2 - ok
11:11:07.0308 0x25e8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
11:11:07.0316 0x25e8  srvnet - ok
11:11:07.0364 0x25e8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
11:11:07.0375 0x25e8  SSDPSRV - ok
11:11:07.0394 0x25e8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
11:11:07.0400 0x25e8  SstpSvc - ok
11:11:07.0466 0x25e8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
11:11:07.0471 0x25e8  stexstor - ok
11:11:07.0597 0x25e8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
11:11:07.0616 0x25e8  stisvc - ok
11:11:07.0661 0x25e8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
11:11:07.0663 0x25e8  swenum - ok
11:11:07.0757 0x25e8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
11:11:07.0776 0x25e8  swprv - ok
11:11:07.0828 0x25e8  [ 52EB25BD8AB4E331028C48B178441B36, 72A907F447ADB4EF307A06D2BC1052BB2F3ED0F10DC13391DB8B43665F81FD74 ] sxuptp          C:\windows\system32\DRIVERS\sxuptp.sys
11:11:07.0838 0x25e8  sxuptp - ok
11:11:07.0871 0x25e8  [ 470C47DABA9CA3966F0AB3F835D7D135, BF98E48B05F37F8ABE264BF77355391A08955057E24AE456A5637D56BDFD40A5 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
11:11:07.0882 0x25e8  SynTP - ok
11:11:08.0077 0x25e8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
11:11:08.0187 0x25e8  SysMain - ok
11:11:08.0328 0x25e8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
11:11:08.0336 0x25e8  TabletInputService - ok
11:11:08.0393 0x25e8  [ F0B9D3ED88E56D3CD713DFF21E42AAF0, D914422032A6EC6B161F20CD040B631F8AF18D4B942F6CBE7E32069EBF551B6A ] tap0901         C:\windows\system32\DRIVERS\tap0901.sys
11:11:08.0412 0x25e8  tap0901 - ok
11:11:08.0462 0x25e8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
11:11:08.0477 0x25e8  TapiSrv - ok
11:11:08.0652 0x25e8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
11:11:08.0657 0x25e8  TBS - ok
11:11:08.0947 0x25e8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\windows\system32\drivers\tcpip.sys
11:11:09.0083 0x25e8  Tcpip - ok
11:11:09.0197 0x25e8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
11:11:09.0239 0x25e8  TCPIP6 - ok
11:11:09.0293 0x25e8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
11:11:09.0333 0x25e8  tcpipreg - ok
11:11:09.0390 0x25e8  [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst        C:\windows\system32\DRIVERS\tdcmdpst.sys
11:11:09.0392 0x25e8  tdcmdpst - ok
11:11:09.0460 0x25e8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
11:11:09.0462 0x25e8  TDPIPE - ok
11:11:09.0510 0x25e8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
11:11:09.0526 0x25e8  TDTCP - ok
11:11:09.0627 0x25e8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
11:11:09.0655 0x25e8  tdx - ok
11:11:09.0697 0x25e8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
11:11:09.0701 0x25e8  TermDD - ok
11:11:09.0832 0x25e8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll
11:11:09.0858 0x25e8  TermService - ok
11:11:09.0901 0x25e8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
11:11:09.0905 0x25e8  Themes - ok
11:11:09.0992 0x25e8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
11:11:09.0998 0x25e8  THREADORDER - ok
11:11:10.0129 0x25e8  [ 28644B0523D64EFF2FC7312A2EE74B0A, 09A36DE0B2B90842BD5B8353CC34B7C71C0FBBF6DD5862720FCEE760849C4561 ] TMachInfo       C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:11:10.0135 0x25e8  TMachInfo - ok
11:11:10.0209 0x25e8  [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
11:11:10.0353 0x25e8  TODDSrv - ok
11:11:11.0478 0x25e8  [ 98C864481D62F86EC8AF65BE3419A95B, 61F0C7CBFAB151FBB62081A37C655D4E818A558E140F3F3BA5C26B024AE24EBB ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
11:11:11.0497 0x25e8  TosCoSrv - ok
11:11:11.0588 0x25e8  [ 2AB7A4697462EDB0C9DFAFC529746BA9, 4EAF4839CA35C8FCE9C086D43E7417E52F0714A2227AE983C0B5C88A66A1B554 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
11:11:11.0596 0x25e8  TOSHIBA eco Utility Service - ok
11:11:11.0659 0x25e8  [ 74C2FA8C3765EE71A9C22182EC108457, A7073FAB6CE6FB9824544A9CDCCA441D08FD87D68EB564DCB1186FC257776221 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
11:11:11.0669 0x25e8  TOSHIBA HDD SSD Alert Service - ok
11:11:11.0874 0x25e8  [ 97687D094AA597DA366E1194B218CC6C, 8A617E1901235518FDB7504FCDCE641D9F7C5D256A11D5FEFD35E7696972E2B8 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
11:11:11.0922 0x25e8  TPCHSrv - ok
11:11:12.0113 0x25e8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
11:11:12.0126 0x25e8  TrkWks - ok
11:11:12.0208 0x25e8  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\windows\system32\drivers\truecrypt.sys
11:11:12.0252 0x25e8  truecrypt - ok
11:11:12.0457 0x25e8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:11:12.0469 0x25e8  TrustedInstaller - ok
11:11:12.0522 0x25e8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
11:11:12.0559 0x25e8  tssecsrv - ok
11:11:12.0622 0x25e8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
11:11:12.0629 0x25e8  TsUsbFlt - ok
11:11:12.0730 0x25e8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
11:11:12.0738 0x25e8  tunnel - ok
11:11:12.0785 0x25e8  [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ           C:\windows\system32\DRIVERS\TVALZ_O.SYS
11:11:12.0788 0x25e8  TVALZ - ok
11:11:12.0804 0x25e8  [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] TVALZFL         C:\windows\system32\DRIVERS\TVALZFL.sys
11:11:12.0806 0x25e8  TVALZFL - ok
11:11:12.0867 0x25e8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
11:11:12.0874 0x25e8  uagp35 - ok
11:11:12.0955 0x25e8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
11:11:12.0968 0x25e8  udfs - ok
11:11:13.0013 0x25e8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
11:11:13.0021 0x25e8  UI0Detect - ok
11:11:13.0115 0x25e8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
11:11:13.0120 0x25e8  uliagpkx - ok
11:11:13.0174 0x25e8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\drivers\umbus.sys
11:11:13.0178 0x25e8  umbus - ok
11:11:13.0224 0x25e8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
11:11:13.0227 0x25e8  UmPass - ok
11:11:13.0789 0x25e8  [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:11:13.0934 0x25e8  UNS - ok
11:11:14.0037 0x25e8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
11:11:14.0060 0x25e8  upnphost - ok
11:11:14.0201 0x25e8  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
11:11:14.0208 0x25e8  USBAAPL64 - ok
11:11:14.0270 0x25e8  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
11:11:14.0580 0x25e8  usbccgp - ok
11:11:14.0655 0x25e8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
11:11:14.0660 0x25e8  usbcir - ok
11:11:14.0720 0x25e8  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
11:11:14.0724 0x25e8  usbehci - ok
11:11:14.0760 0x25e8  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
11:11:14.0772 0x25e8  usbhub - ok
11:11:14.0818 0x25e8  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\windows\system32\drivers\usbohci.sys
11:11:14.0822 0x25e8  usbohci - ok
11:11:14.0901 0x25e8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
11:11:14.0905 0x25e8  usbprint - ok
11:11:14.0970 0x25e8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\windows\system32\drivers\usbscan.sys
11:11:14.0973 0x25e8  usbscan - ok
11:11:15.0021 0x25e8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
11:11:15.0026 0x25e8  USBSTOR - ok
11:11:15.0070 0x25e8  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
11:11:15.0072 0x25e8  usbuhci - ok
11:11:15.0161 0x25e8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
11:11:15.0172 0x25e8  usbvideo - ok
11:11:15.0216 0x25e8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
11:11:15.0221 0x25e8  UxSms - ok
11:11:15.0266 0x25e8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\windows\system32\lsass.exe
11:11:15.0269 0x25e8  VaultSvc - ok
11:11:15.0323 0x25e8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
11:11:15.0325 0x25e8  vdrvroot - ok
11:11:15.0492 0x25e8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
11:11:15.0586 0x25e8  vds - ok
11:11:15.0665 0x25e8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
11:11:15.0668 0x25e8  vga - ok
11:11:15.0712 0x25e8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
11:11:15.0716 0x25e8  VgaSave - ok
11:11:15.0787 0x25e8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
11:11:15.0798 0x25e8  vhdmp - ok
11:11:15.0893 0x25e8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
11:11:15.0898 0x25e8  viaide - ok
11:11:15.0929 0x25e8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
11:11:15.0933 0x25e8  volmgr - ok
11:11:16.0001 0x25e8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
11:11:16.0016 0x25e8  volmgrx - ok
11:11:16.0116 0x25e8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
11:11:16.0128 0x25e8  volsnap - ok
11:11:16.0242 0x25e8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
11:11:16.0250 0x25e8  vsmraid - ok
11:11:16.0473 0x25e8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
11:11:16.0543 0x25e8  VSS - ok
11:11:16.0619 0x25e8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
11:11:16.0654 0x25e8  vwifibus - ok
11:11:16.0700 0x25e8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
11:11:16.0704 0x25e8  vwififlt - ok
11:11:16.0839 0x25e8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
11:11:16.0843 0x25e8  vwifimp - ok
11:11:16.0957 0x25e8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
11:11:16.0973 0x25e8  W32Time - ok
11:11:17.0024 0x25e8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
11:11:17.0027 0x25e8  WacomPen - ok
11:11:17.0098 0x25e8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
11:11:17.0107 0x25e8  WANARP - ok
11:11:17.0118 0x25e8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
11:11:17.0121 0x25e8  Wanarpv6 - ok
11:11:17.0342 0x25e8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
11:11:17.0492 0x25e8  WatAdminSvc - ok
11:11:17.0722 0x25e8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
11:11:17.0827 0x25e8  wbengine - ok
11:11:17.0883 0x25e8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
11:11:17.0929 0x25e8  WbioSrvc - ok
11:11:17.0984 0x25e8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
11:11:17.0998 0x25e8  wcncsvc - ok
11:11:18.0039 0x25e8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:11:18.0043 0x25e8  WcsPlugInService - ok
11:11:18.0083 0x25e8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
11:11:18.0088 0x25e8  Wd - ok
11:11:18.0193 0x25e8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
11:11:18.0258 0x25e8  Wdf01000 - ok
11:11:18.0303 0x25e8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
11:11:18.0308 0x25e8  WdiServiceHost - ok
11:11:18.0314 0x25e8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
11:11:18.0318 0x25e8  WdiSystemHost - ok
11:11:18.0404 0x25e8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
11:11:18.0419 0x25e8  WebClient - ok
11:11:18.0463 0x25e8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
11:11:18.0472 0x25e8  Wecsvc - ok
11:11:18.0507 0x25e8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
11:11:18.0512 0x25e8  wercplsupport - ok
11:11:18.0526 0x25e8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
11:11:18.0553 0x25e8  WerSvc - ok
11:11:18.0618 0x25e8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
11:11:18.0620 0x25e8  WfpLwf - ok
11:11:18.0766 0x25e8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
11:11:18.0770 0x25e8  WIMMount - ok
11:11:18.0820 0x25e8  WinDefend - ok
11:11:18.0848 0x25e8  WinHttpAutoProxySvc - ok
11:11:18.0910 0x25e8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
11:11:18.0922 0x25e8  Winmgmt - ok
11:11:19.0322 0x25e8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
11:11:19.0485 0x25e8  WinRM - ok
11:11:19.0782 0x25e8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
11:11:19.0829 0x25e8  WinUsb - ok
11:11:20.0007 0x25e8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
11:11:20.0035 0x25e8  Wlansvc - ok
11:11:20.0600 0x25e8  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:11:20.0751 0x25e8  wlidsvc - ok
11:11:20.0871 0x25e8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
11:11:20.0875 0x25e8  WmiAcpi - ok
11:11:21.0005 0x25e8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
11:11:21.0019 0x25e8  wmiApSrv - ok
11:11:21.0088 0x25e8  WMPNetworkSvc - ok
11:11:21.0201 0x25e8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
11:11:21.0207 0x25e8  WPCSvc - ok
11:11:21.0338 0x25e8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
11:11:21.0349 0x25e8  WPDBusEnum - ok
11:11:21.0517 0x25e8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
11:11:21.0521 0x25e8  ws2ifsl - ok
11:11:21.0654 0x25e8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\system32\wscsvc.dll
11:11:21.0663 0x25e8  wscsvc - ok
11:11:21.0670 0x25e8  WSearch - ok
11:11:22.0043 0x25e8  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\windows\system32\wuaueng.dll
11:11:22.0141 0x25e8  wuauserv - ok
11:11:22.0234 0x25e8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
11:11:22.0283 0x25e8  WudfPf - ok
11:11:22.0513 0x25e8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
11:11:22.0528 0x25e8  WUDFRd - ok
11:11:22.0632 0x25e8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
11:11:22.0682 0x25e8  wudfsvc - ok
11:11:22.0816 0x25e8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
11:11:22.0834 0x25e8  WwanSvc - ok
11:11:22.0897 0x25e8  ================ Scan global ===============================
11:11:23.0017 0x25e8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
11:11:23.0135 0x25e8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
11:11:23.0156 0x25e8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
11:11:23.0379 0x25e8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
11:11:23.0543 0x25e8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
11:11:23.0583 0x25e8  [ Global ] - ok
11:11:23.0583 0x25e8  ================ Scan MBR ==================================
11:11:23.0613 0x25e8  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
11:11:24.0050 0x25e8  \Device\Harddisk0\DR0 - ok
11:11:24.0053 0x25e8  ================ Scan VBR ==================================
11:11:24.0090 0x25e8  [ 76E9B72374F429C7BF393FE2F6C1EA4C ] \Device\Harddisk0\DR0\Partition1
11:11:24.0092 0x25e8  \Device\Harddisk0\DR0\Partition1 - ok
11:11:24.0092 0x25e8  ================ Scan generic autorun ======================
11:11:24.0167 0x25e8  [ 810A5F70CEB063CEC85360394BEC2C56, FCC289B23B2347AD7C34B48E6EFB1914B5ED8D9DD397B0816D94747B168DFD64 ] C:\windows\system32\igfxtray.exe
11:11:24.0179 0x25e8  IgfxTray - ok
11:11:24.0375 0x25e8  [ 2FE8F6A30802B69A3F501607F346DEEA, CD603DB6055861E9EAD397234120FBE0D3CACEFADB0D6001099CF0DA9DF1CC34 ] C:\windows\system32\hkcmd.exe
11:11:24.0398 0x25e8  HotKeysCmds - ok
11:11:24.0479 0x25e8  [ CA1941B93BA45B7EA4D7D9F451B25C84, B0648762862931CB12004C92CD7A7EF8E3B1C14DD33C980A490D8AA56F7AA723 ] C:\windows\system32\igfxpers.exe
11:11:24.0499 0x25e8  Persistence - ok
11:11:24.0661 0x25e8  [ F6F938C8D91C88B2E3536D4F4CDC8E91, 2718C62B52FF2E32DB2C2890A9D0FF9DA6F1C0CF04DE4C66E98019358308BC33 ] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
11:11:24.0679 0x25e8  WinPatrol - ok
11:11:24.0680 0x25e8  TPwrMain - ok
11:11:24.0683 0x25e8  TosWaitSrv - ok
11:11:24.0801 0x25e8  [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75BC6E469DB44494 ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
11:11:24.0804 0x25e8  TosVolRegulator - ok
11:11:24.0998 0x25e8  [ F9EF20F6FDA1444C0864BD7AEDC10CAF, E6A18BD7200E7DE7599753DA27469AEC479A315931956D457547F243FCB92C2A ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
11:11:25.0020 0x25e8  TosSENotify - ok
11:11:25.0023 0x25e8  TosReelTimeMonitor - ok
11:11:25.0025 0x25e8  TosNC - ok
11:11:25.0050 0x25e8  Teco - ok
11:11:25.0050 0x25e8  SynTPEnh - ok
11:11:25.0053 0x25e8  SmoothView - ok
11:11:25.0055 0x25e8  SmartFaceVWatcher - ok
11:11:27.0978 0x25e8  [ 12A5B2D07E28D9BF17CFE60255AE7448, 15CEBC602FC6241C23162DF9ECC847B056A997CBB5DE2C95A3E448288C60DA48 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:11:28.0453 0x25e8  RtHDVCpl - ok
11:11:28.0839 0x25e8  [ B8E26DEBBC8C732E12F6F941C3983277, 4320FFBD8DF3F0A00B6F7DDAB7306921345E7FC8FB0BDBEB466F3AFBA2C44B6D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:11:28.0992 0x25e8  RtHDVBg - ok
11:11:28.0994 0x25e8  HSON - ok
11:11:28.0998 0x25e8  00TCrdMain - ok
11:11:29.0202 0x25e8  [ 995BEB69AE5C50D354894354F5A6CD5A, 5BA25F2C6FBA9F8B790AFBB47B6F59BD70FCEEE55AD3D061027D3951A734F299 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:11:29.0213 0x25e8  SunJavaUpdateSched - ok
11:11:29.0447 0x25e8  [ EE1111977B9995D5E8CBB72C0591EA0E, E96503B78041412EEBE639FFCFBEF81EF900EA5AA4D8D8744CF5711007CEDF56 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:11:29.0657 0x25e8  APSDaemon - ok
11:11:29.0841 0x25e8  [ 714C602C1B8CEF17E25C753F1BACF78D, E0B0DC548CA9DA7F3D0EEE9EDACC9058D5C845E8B03B841434EB1E03683A9B73 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
11:11:29.0891 0x25e8  AppleSyncNotifier - ok
11:11:30.0234 0x25e8  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
11:11:30.0283 0x25e8  Adobe ARM - ok
11:11:30.0397 0x25e8  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe
11:11:30.0473 0x25e8  QuickTime Task - ok
11:11:30.0544 0x25e8  [ 085BE68B52CE5A5FA4621507AD518CF3, A1761157760F68FE00F34B0182D1D8629EFE7753F4582C6F5ECD422627A8489E ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
11:11:30.0615 0x25e8  iTunesHelper - ok
11:11:30.0950 0x25e8  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
11:11:30.0980 0x25e8  RESTART_STICKY_NOTES - ok
11:11:32.0105 0x25e8  [ 32E8A4FCE03B255E7C7448F3B4910BC0, 56EA3F53A5636549271C18FE6126D7F572F97415852D27B966E32304B4A70004 ] C:\Users\Beejous\AppData\Roaming\Spotify\SpotifyWebHelper.exe
11:11:32.0228 0x25e8  Spotify Web Helper - ok
11:11:32.0234 0x25e8  MobileDocuments - ok
11:11:32.0431 0x25e8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Beejous\AppData\Local\Google\Update\GoogleUpdate.exe
11:11:32.0435 0x25e8  Google Update - ok
11:11:33.0813 0x25e8  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\windows\SysWOW64\Rundll32.exe
11:11:33.0815 0x25e8  BackgroundContainer - ok
11:11:34.0001 0x25e8  Skype - ok
11:11:35.0774 0x25e8  [ 60428B7F66FE3A08DE7FCB12A5EA58F6, 3C0F9FD7646B324F3EB5775D75BAA72E1B90AA0ADD8F812603565769943954DF ] C:\Users\Beejous\AppData\Roaming\Spotify\Spotify.exe
11:11:36.0160 0x25e8  Spotify - ok
11:11:42.0719 0x25e8  [ 2EC58592401DF51E46BF79523A5E35F2, 2B3CFC4FD12D2C1DF33E7F815F4453FDBDF4C6672BFE32D038CED0F16398EB46 ] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe
11:11:42.0842 0x25e8  FlashPlayerUpdate - ok
11:11:42.0843 0x25e8  Waiting for KSN requests completion. In queue: 14
11:11:43.0845 0x25e8  Waiting for KSN requests completion. In queue: 14
11:11:44.0846 0x25e8  Waiting for KSN requests completion. In queue: 1
11:11:45.0847 0x25e8  Waiting for KSN requests completion. In queue: 1
11:11:46.0848 0x25e8  Waiting for KSN requests completion. In queue: 1
11:11:50.0411 0x25e8  Win FW state via NFP2: disabled
11:11:55.0414 0x25e8  ============================================================
11:11:55.0414 0x25e8  Scan finished
11:11:55.0414 0x25e8  ============================================================
11:11:55.0432 0x1480  Detected object count: 0
11:11:55.0432 0x1480  Actual detected object count: 0
 



#7 bjohnson1982

Posted 30 March 2015 - 11:30 AM

AdwCleaner:

# AdwCleaner v4.200 - Logfile created 30/03/2015 at 11:16:47
# Updated 29/03/2015 by Xplode
# Database : 2015-03-29.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Beejous - BRIANS-PC
# Running from : C:\Users\Beejous\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage-journal
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journal
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utorrent.en.softonic.com_0.localstorage
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utorrent.en.softonic.com_0.localstorage-journal
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta.com_0.localstorage
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta.com_0.localstorage-journal
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage-journal
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.delta.com_0.localstorage
File Found : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.delta.com_0.localstorage-journal
File Found : C:\Users\Beejous\AppData\LocalLow\SkwConfig.bin
File Found : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\invalidprefs.js
File Found : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\searchplugins\conduit-search.xml
File Found : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\user.js
File Found : C:\windows\System32\dmwu.exe
File Found : C:\windows\System32\ImhxxpComm.dll
Folder Found : C:\Program Files (x86)\AVG\AVG10\Toolbar
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Conduit
Folder Found : C:\Users\Beejous\AppData\Local\apn
Folder Found : C:\Users\Beejous\AppData\Local\Conduit
Folder Found : C:\Users\Beejous\AppData\Local\PutLockerDownloader
Folder Found : C:\Users\Beejous\AppData\LocalLow\AVG Security Toolbar
Folder Found : C:\Users\Beejous\AppData\LocalLow\Conduit
Folder Found : C:\Users\Beejous\AppData\LocalLow\HPAppData
Folder Found : C:\Users\Beejous\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Beejous\AppData\Roaming\HPAppData
Folder Found : C:\Users\Beejous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Found : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\Extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}
Folder Found : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\Extensions\ftdownloader4@ftdownloader.com.xpi
Folder Found : C:\Users\Beejous\AppData\Roaming\Mozilla\Firefox\Profiles\i4rz5632.default\Extensions\wecarereminder@bryan
Folder Found : C:\Users\Beejous\AppData\Roaming\pccustubinstaller
Folder Found : C:\windows\System32\ljkb
Folder Found : C:\windows\SysWOW64\ARFC
Folder Found : C:\windows\SysWOW64\jmdp
Folder Found : C:\windows\SysWOW64\WNLT

***** [ Scheduled tasks ] *****

Task Found : BackgroundContainer Startup Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PassShow
Key Found : HKCU\Software\AppDataLow\Software\SweetPacks
Key Found : HKCU\Software\AppDataLow\Software\SweetPacks
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Bitberry
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DownLite
Key Found : HKCU\Software\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff
Key Found : HKCU\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DA0037CB-F947-45D2-89FE-7C9D62D8D3F1}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E5F48AA8-25CE-4DAB-A5F1-819B428DA417}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\wecarereminder
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\Bitberry
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\DownLite
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DA0037CB-F947-45D2-89FE-7C9D62D8D3F1}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E5F48AA8-25CE-4DAB-A5F1-819B428DA417}
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\wecarereminder
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\FTDownloader
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD17920C-5AD1-4FAB-97D0-BD9CBA0A0C5C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB46BC47-9C94-45AA-AEB2-E88AB9E8AFCC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\SOFTWARE\SweetPacks
Key Found : HKLM\SOFTWARE\SweetPacks
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Key Found : [x64] HKLM\SOFTWARE\WNLT
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]

***** [ Web browsers ] *****

-\\ Internet Explorer v9.0.8112.16490


-\\ Mozilla Firefox v36.0.4 (x86 en-US)

[i4rz5632.default] - Line Found : user_pref("CT3310511.smartbar.homepage", "true");
[i4rz5632.default] - Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
[i4rz5632.default] - Line Found : user_pref("browser.search.defaultthis.engineName", "SweetPacks Customized Web Search");
[i4rz5632.default] - Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&CUI=UN16010581272129944&UM=2&SearchSource=3&q={searchTerms}");
[i4rz5632.default] - Line Found : user_pref("browser.search.selectedEngine", "Conduit Search");
[i4rz5632.default] - Line Found : user_pref("extensions.enabledItems", "vshare@toolbar:1.0.0,{88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.3.3,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906,{23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2[...]
[i4rz5632.default] - Line Found : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sale A Day\",\"autordr\":1,\"n\":\"3\",\"td\":1.5},\"1and1Internet\":{\"name\":\"1&1 Internet Inc.\",\[...]
[i4rz5632.default] - Line Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&SearchSource=2&CUI=UN16010581272129944&UM=2&q=");
[i4rz5632.default] - Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3310511");
[i4rz5632.default] - Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3310511&CUI=UN16010581272129944&UM=2&SearchSource=13");
[i4rz5632.default] - Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&SearchSource=2&CUI=UN16010581272129944&UM=2&q=");
[i4rz5632.default] - Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3310511");
[i4rz5632.default] - Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3310511");
[i4rz5632.default] - Line Found : user_pref("smartbar.machineId", "FDLRV4ZBLFAXH71PKUKHFV6RAWBIKEKTTX6CHQKDA+MFQEDWUOZ2KKXVBEUUJ01QAJKMYYGF9KOJLZEMLDVJ3A");

-\\ Google Chrome v

[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : dknkjnkhedbanphkkpbpcgoblmkbfhlf
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : banjjklfojcdbofbhbgiedekefohoaff

*************************

AdwCleaner[R0].txt - [20125 bytes] - [30/03/2015 11:16:47]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [20185 bytes] ##########
 

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.8 (03.30.2015:1)
OS: Windows 7 Home Premium x64
Ran by Beejous on Mon 03/30/2015 at 11:23:46.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

    Value Name          Type                             Value Data                     
========================================================================================
    BackgroundContainer    REG_SZ    "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Beejous\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7C7C4D22-CD15-4A24-BBDD-ADCF1513DB7C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD51669A-A40D-4A39-BA9F-71F67D909978}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DA0037CB-F947-45D2-89FE-7C9D62D8D3F1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E5F48AA8-25CE-4DAB-A5F1-819B428DA417}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F331D829-A93A-4003-B743-7505521DD065}



~~~ Files

Successfully deleted: [File] "C:\Users\Beejous\appdata\local\google\chrome\user data\default\local storage\http_www.ask.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Beejous\appdata\local\google\chrome\user data\default\local storage\http_www.ask.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\Beejous\appdata\local\google\chrome\user data\default\local storage\http_www.azlyrics.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Beejous\appdata\local\google\chrome\user data\default\local storage\http_www.azlyrics.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\Beejous\appdata\locallow\skwconfig.bin"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\ProgramData\flexnet"
Successfully deleted: [Folder] "C:\Users\Beejous\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Beejous\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Folder] "C:\Users\Beejous\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\Beejous\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Beejous\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Beejous\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Beejous\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Beejous\appdata\locallow\sweetpacks"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\windows\system32\arfc"
Successfully deleted: [Folder] "C:\windows\system32\jmdp"
Successfully deleted: [Folder] "C:\windows\system32\wnlt"



~~~ FireFox

Successfully deleted: [File] C:\Users\Beejous\AppData\Roaming\mozilla\firefox\profiles\i4rz5632.default\user.js
Successfully deleted: [File] C:\Users\Beejous\AppData\Roaming\mozilla\firefox\profiles\i4rz5632.default\invalidprefs.js
Successfully deleted: [File] C:\Users\Beejous\AppData\Roaming\mozilla\firefox\profiles\i4rz5632.default\extensions\ftdownloader4@ftdownloader.com.xpi
Successfully deleted: [File] C:\Users\Beejous\AppData\Roaming\mozilla\firefox\profiles\i4rz5632.default\searchplugins\conduit-search.xml
Successfully deleted: [Folder] C:\Users\Beejous\AppData\Roaming\mozilla\firefox\profiles\i4rz5632.default\extensions\wecarereminder@bryan
Failed to delete: [Folder] C:\Users\Beejous\AppData\Roaming\mozilla\firefox\profiles\i4rz5632.default\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{184aa5e6-741d-464a-820e-94b3abc2f3b4}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{184aa5e6-741d-464a-820e-94b3abc2f3b4}
Successfully deleted the following from C:\Users\Beejous\AppData\Roaming\mozilla\firefox\profiles\i4rz5632.default\prefs.js

user_pref("CT3310511.FF19Solved", "true");
user_pref("CT3310511.UserID", "UN16010581272129944");
user_pref("CT3310511.browser.search.defaultthis.engineName", "true");
user_pref("CT3310511.fullUserID", "UN16010581272129944.IN.20131009093307");
user_pref("CT3310511.installDate", "09/10/2013 09:33:16");
user_pref("CT3310511.installSessionId", "{63378279-0046-4D17-B34D-DF6123E1DC2E}");
user_pref("CT3310511.installSp", "TRUE");
user_pref("CT3310511.installerVersion", "1.7.1.4");
user_pref("CT3310511.keyword", "true");
user_pref("CT3310511.originalHomepage", "GOOGLE.COM");
user_pref("CT3310511.originalSearchAddressUrl", "");
user_pref("CT3310511.originalSearchEngine", "");
user_pref("CT3310511.originalSearchEngineName", "");
user_pref("CT3310511.searchRevert", "false");
user_pref("CT3310511.searchUserMode", "2");
user_pref("CT3310511.smartbar.homepage", "true");
user_pref("CT3310511.versionFromInstaller", "10.20.1.8");
user_pref("CT3310511.xpeMode", "0");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("browser.search.defaultthis.engineName", "SweetPacks Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&CUI=UN16010581272129944&UM=2&SearchSource=3&q={searchTerms}");
user_pref("browser.search.selectedEngine", "Conduit Search");
user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sale A Day\",\"autordr\":1,\"n\":\"3\",\"td\":1.5},\"1and1Internet\":{\"name\
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&SearchSource=2&CUI=UN16010581272129944&UM=2&q=");
user_pref("smartbar.addressBarOwnerCTID", "CT3310511");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3310511&CUI=UN16010581272129944&UM=2&SearchSource=13");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&SearchSource=2&CUI=UN16010581272129944&UM=2&q=");
user_pref("smartbar.defaultSearchOwnerCTID", "CT3310511");
user_pref("smartbar.homePageOwnerCTID", "CT3310511");
user_pref("smartbar.machineId", "FDLRV4ZBLFAXH71PKUKHFV6RAWBIKEKTTX6CHQKDA+MFQEDWUOZ2KKXVBEUUJ01QAJKMYYGF9KOJLZEMLDVJ3A");
Emptied folder: C:\Users\Beejous\AppData\Roaming\mozilla\firefox\profiles\i4rz5632.default\minidumps [182 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/30/2015 at 11:28:52.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#8 bjohnson1982

Posted 30 March 2015 - 02:36 PM

ESET:

C:\Qoobox\Quarantine\C\Windows\assembly\tmp\U\80000064.@.vir    a variant of Win64/Olmarik.AX trojan    cleaned by deleting - quarantined
C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000001    Win32/AdWare.1ClickDownload.AT application    cleaned by deleting - quarantined
C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000    Win32/AdWare.1ClickDownload.AV application    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (1).exe    NSIS/TrojanDownloader.Adload.AB trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (10).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (11).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (12).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (13).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (14).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (15).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (16).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (17).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (18).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (19).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (2).exe    NSIS/TrojanDownloader.Adload.AB trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (20).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (21).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (22).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (23).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (3).exe    NSIS/TrojanDownloader.Adload.AA trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (4).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (5).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (6).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (7).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (8).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome (9).exe    NSIS/TrojanDownloader.Adload.AP trojan    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\FLVPlayer-Chrome.exe    Win32/AdWare.1ClickDownload.AV application    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\Player-Chrome.exe    a variant of Win32/AdWare.iBryte.X application    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\Setup (1).exe    Win32/AdWare.iBryte.BI application    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\Setup.exe    Win32/AdWare.iBryte.BI application    cleaned by deleting - quarantined
C:\Users\Beejous\Downloads\StartDownload.exe    a variant of MSIL/Adware.WiseInstaller.A application    cleaned by deleting - quarantined
 



#9 bjohnson1982

  • Topic Starter

Posted 30 March 2015 - 04:02 PM

Malwarebytes

 

I apologize, I don't see how to attach a file.

Here's the contents.  If you want it attached please send instructions and I'll resend.

Thank you

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/30/2015
Scan Time: 2:42:33 PM
Logfile: MalwareBytes' Anti-Malware log file.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.30.08
Rootkit Database: v2015.03.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Beejous

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 389965
Time Elapsed: 50 min, 14 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 15
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1933893740-360370380-219397616-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, No Action By User, [d9d70f3c1d6d0234c1d56dc00ef5d12f],
PUP.Optional.BitTorrentBar.A, HKU\S-1-5-21-1933893740-360370380-219397616-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}, No Action By User, [416f60eb731772c4859ab475986bfc04],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, No Action By User, [357b2526a6e44fe763f3dd5593705ba5],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, No Action By User, [575969e25139e650b1a536fcf112ae52],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\WOW6432NODE\SweetPacks, No Action By User, [87292e1d6228d36307f8884bac57a060],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhfdcmehmjcclgopdodkjdicohagipid, No Action By User, [cae6d27974164ee838f05872798a9e62],
PUP.Optional.WeCare, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{0228288D-975E-42F7-9993-E91A82E6BBD9}, No Action By User, [3080f4578208ca6cafe00ed34eb5f709],
PUP.Optional.WeCare, HKU\S-1-5-21-1933893740-360370380-219397616-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wecarereminder, No Action By User, [9d13272496f41b1b7d1a41a0e122ff01],
PUP.Optional.Conduit.A, HKU\S-1-5-21-1933893740-360370380-219397616-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, No Action By User, [3f716ae1e3a7ca6c252b2f9feb18db25],
PUP.Optional.Getsavin.A, HKU\S-1-5-21-1933893740-360370380-219397616-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\GetSavin, No Action By User, [4c641635c3c771c576770dc46b986b95],
PUP.Optional.PassShow.A, HKU\S-1-5-21-1933893740-360370380-219397616-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PassShow, No Action By User, [585882c9c9c1d0668326676c1ee556aa],
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-1933893740-360370380-219397616-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SweetPacks, No Action By User, [426e3b101872bc7a60a125afe023fa06],
PUP.Optional.WeCare, HKU\S-1-5-21-1933893740-360370380-219397616-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\EXTENSIONS\{6ED0A312-78F5-493C-A90C-5DAF321D0BF8}, No Action By User, [a80888c34347a690e3ba875a16ed5ba5],
Trojan.Banker, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CLASSES\linkrdr.AIEbho, Quarantined, [f0c01d2e08829d9953ef72d59f64817f],
Trojan.Banker, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CLASSES\linkrdr.AIEbho.1, Quarantined, [b9f7c08b9feb72c4e959fc4bd2318080],

Registry Values: 2
PUP.Optional.Conduit, HKU\S-1-5-21-1933893740-360370380-219397616-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BackgroundContainer, "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Beejous\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun, No Action By User, [9f1167e49bef0432a2663fef0afbc937]
Hijacker.Application, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ASSOCIATIONS|bak_application, http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s, Quarantined, [ecc4ea611872c76faec1335dbc4847b9]

Registry Data: 1
Hijacker.Application, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ASSOCIATIONS|Application, http://www.helpmeopen.com/?n=app&ext=%s, Good: (http://shell.windows.com/fileassoc/Bad: (http://www.helpmeopen.com/?n=app&ext=%s),Replaced,[3977e96288025adcad6527d128ddc13f]x/xml/redir.asp?Ext=%s), %5

Folders: 1
PUP.Optional.FTDownloader.A, C:\Users\Beejous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com, No Action By User, [a20e70db98f2bd79df9f623ff112ab55],

Files: 23
PUP.Optional.SearchProtect.A, C:\Users\Beejous\AppData\Local\Temp\Runner.exe, No Action By User, [bef24dfe7c0ed2642fd1982204fd27d9],
PUP.Optional.DomaIQ, C:\Users\Beejous\Downloads\Player (1).exe, No Action By User, [0fa1c08b5a308fa7763fcb8af10fdb25],
PUP.Optional.DomaIQ, C:\Users\Beejous\Downloads\Player (2).exe, No Action By User, [6b45da713852290d763fa5b04cb4dd23],
PUP.Optional.DomaIQ, C:\Users\Beejous\Downloads\Player (3).exe, No Action By User, [5f51ba9164266ec8a411cb8a34cc649c],
PUP.Optional.DomaIQ, C:\Users\Beejous\Downloads\Player (4).exe, No Action By User, [dbd559f27911ca6cb3bbff58eb155ea2],
PUP.Optional.DomaIQ, C:\Users\Beejous\Downloads\Player (5).exe, No Action By User, [9e1219326b1fc57182ec11469c649769],
PUP.Optional.DomaIQ, C:\Users\Beejous\Downloads\Player (6).exe, No Action By User, [486863e8c7c3b581b4ba59fe1de34cb4],
PUP.Optional.DomaIQ, C:\Users\Beejous\Downloads\Player.exe, No Action By User, [377916355832cf674963540049b708f8],
PUP.Optional.SafeInstall.A, C:\Users\Beejous\Downloads\Unconfirmed 157642.crdownload, No Action By User, [5060004be8a2c96d10812b4ed13051af],
PUP.Optional.SoftPulse, C:\Users\Beejous\Downloads\Unconfirmed 312361.crdownload, No Action By User, [654b52f9711942f438ca53b4cd3522de],
PUP.Optional.FullSpectrumAdmin, C:\Users\Beejous\Downloads\HDvideo-v4 (1).exe, No Action By User, [0ea24dfeed9d6ccac338b6e7b2531ee2],
PUP.Optional.FullSpectrumAdmin, C:\Users\Beejous\Downloads\HDvideo-v4.exe, No Action By User, [8927b2999af010261dde7e1fef16c838],
PUP.Optional.OutBrowse.gen, C:\Users\Beejous\Downloads\setup (2).exe, No Action By User, [763ae368b1d939fd9611889533cf6898],
PUP.Optional.OutBrowse, C:\Users\Beejous\Downloads\Installation (1).exe, No Action By User, [a8085cef9feb5dd910f1f84f2bd76a96],
PUP.Optional.OutBrowse, C:\Users\Beejous\Downloads\Installation (2).exe, No Action By User, [aa0619320e7cb4822eb8f2205ea4748c],
PUP.Optional.OutBrowse, C:\Users\Beejous\Downloads\Installation.exe, No Action By User, [f7b9f05ba8e2261084f4d7ffa160ad53],
PUP.Optional.SimplyTech, C:\Users\Beejous\Downloads\PDF_Creator (1).exe, No Action By User, [e3cded5e75154aec51af447756aff010],
PUP.Optional.SimplyTech, C:\Users\Beejous\Downloads\PDF_Creator (2).exe, No Action By User, [664a49020c7e2c0aeb15d8e37c8915eb],
PUP.Optional.SimplyTech, C:\Users\Beejous\Downloads\PDF_Creator.exe, No Action By User, [f6ba0645abdf22142fd16952e61f2fd1],
PUP.Optional.SquareNet.A, C:\Users\Beejous\Downloads\java_installer.exe, No Action By User, [d4dc3e0ddeac30067f6afb4f976904fc],
PUP.Optional.DownLoadAdmin.A, C:\Users\Beejous\Downloads\uplayermediaplayer-setup (1).exe, No Action By User, [a30d91ba5e2c83b352303b8149bcba46],
PUP.Optional.DownLoadAdmin.A, C:\Users\Beejous\Downloads\uplayermediaplayer-setup.exe, No Action By User, [416f5eede7a37db9c0c2b30911f40af6],
PUP.Optional.Conduit, C:\Windows\System32\Tasks\BackgroundContainer Startup Task, No Action By User, [7937d97246444bebf87d58d2d62fb54b],

Physical Sectors: 0
(No malicious items detected)


(end)



#10 boopme

  • Global Moderator

Posted 31 March 2015 - 01:40 PM

Ok, sorry for the delay..

How long ago did you run ComboFix?

Need to remove what ADW, MBAM and ESET found.

Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
>>>MBAM
2.0 Threat Scan
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
>>>ESET
ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your currently installed Anti-Virus, how to do so can be read here.

Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Please go here to run the scan.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats IS checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: EOLS4.gif
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Edited by boopme, 31 March 2015 - 01:42 PM.


#11 bjohnson1982

  • Topic Starter

Posted 01 April 2015 - 12:35 AM

I'm not sure when I ran ComboFix last.  It was based on a recommendation from a moderator on this site.  It was possibly around November 2012.

 

AdwCleaner:

# AdwCleaner v4.200 - Logfile created 01/04/2015 at 00:26:08
# Updated 29/03/2015 by Xplode
# Database : 2015-03-29.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Beejous - BRIANS-PC
# Running from : C:\Users\Beejous\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\AVG\AVG10\Toolbar
Folder Deleted : C:\windows\System32\ljkb
Folder Deleted : C:\Users\Beejous\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\Beejous\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Beejous\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Beejous\AppData\Roaming\HPAppData
Folder Deleted : C:\Users\Beejous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
File Deleted : C:\END
File Deleted : C:\windows\System32\dmwu.exe
File Deleted : C:\windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.delta.com_0.localstorage
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.delta.com_0.localstorage-journal
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage-journal
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journal
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utorrent.en.softonic.com_0.localstorage
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utorrent.en.softonic.com_0.localstorage-journal
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta.com_0.localstorage
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta.com_0.localstorage-journal
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage
File Deleted : C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : BackgroundContainer Startup Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKCU\Software\Bitberry
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\DownLite
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SweetPacks
Key Deleted : HKCU\Software\AppDataLow\Software\PassShow
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SweetPacks
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : [x64] HKLM\SOFTWARE\WNLT

***** [ Web browsers ] *****

-\\ Internet Explorer v9.0.8112.16490


-\\ Mozilla Firefox v36.0.4 (x86 en-US)

[i4rz5632.default\prefs.js] - Line Deleted : user_pref("extensions.enabledItems", "vshare@toolbar:1.0.0,{88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.3.3,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906,{23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2[...]
[i4rz5632.default\prefs.js] - Line Deleted : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sale A Day\",\"autordr\":1,\"n\":\"3\",\"td\":1.5},\"1and1Internet\":{\"name\":\"1&1 Internet Inc.\",\[...]

-\\ Google Chrome v

[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={354FC17F-8BA4-4BE8-A124-306D7E607927}&mid=d5baf220ea2247d1828c59e75ba35032-9ddfa1b138ca8ce2e11369892c009bcca052358a&ds=AVG&lang=en&v=&pr=pr&d=&sap=dsp&q={searchTerms}
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.internet-search-results.com/?s={searchTerms}&sid=10101182100
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN22558582822033881&ctid=CT3310511&UM=2&sspv=CHNTR4B
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trademe.co.nz/Browse/SearchResults.aspx?searchstring={searchTerms}
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : dknkjnkhedbanphkkpbpcgoblmkbfhlf
[C:\Users\Beejous\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : banjjklfojcdbofbhbgiedekefohoaff

*************************

AdwCleaner[R0].txt - [20525 bytes] - [30/03/2015 11:16:47]
AdwCleaner[R1].txt - [18029 bytes] - [01/04/2015 00:00:15]
AdwCleaner[S0].txt - [17619 bytes] - [01/04/2015 00:26:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17679  bytes] ##########
 



#12 bjohnson1982


Posted 01 April 2015 - 11:29 AM

ESET:

C:\Users\Beejous\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFIJFLEY\TBUpdaterLogic[1].dll    a variant of Win32/Conduit.SearchProtect.N potentially unwanted application    deleted - quarantined
C:\Users\Beejous\AppData\Local\Temp\Runner.exe    a variant of Win32/ClientConnect.A potentially unwanted application    deleted - quarantined
C:\Users\Beejous\AppData\Local\Temp\uttD8C9.tmp.exe    a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application    deleted - quarantined
C:\Users\Beejous\Downloads\ccsetup410.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\Beejous\Downloads\faceless_vpn_setup.exe    Win32/Toolbar.Conduit potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\HDvideo-v4 (1).exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\HDvideo-v4.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\install-flashplayer.exe    Win32/OutBrowse.T potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Installation (1).exe    Win32/OutBrowse.BK potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Installation (2).exe    Win32/OutBrowse.BU potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Installation.exe    Win32/OutBrowse.AN potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\java_installer.exe    a variant of Win32/SquareNet.A potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\mkvplayer_setup.exe    Win32/OutBrowse.G potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\PDF_Creator (1).exe    a variant of Win32/Toolbar.Widdit.A potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\PDF_Creator (2).exe    a variant of Win32/Toolbar.Widdit.A potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\PDF_Creator.exe    a variant of Win32/Toolbar.Widdit.A potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Player (1).exe    a variant of Win32/SoftPulse.O potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Player (2).exe    a variant of Win32/SoftPulse.O potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Player (3).exe    a variant of Win32/SoftPulse.O potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Player (4).exe    a variant of Win32/SoftPulse.O potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Player (5).exe    a variant of Win32/SoftPulse.O potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Player (6).exe    a variant of Win32/SoftPulse.O potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Player.exe    a variant of Win32/SoftPulse.O potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\setup (2).exe    Win32/OutBrowse.BU potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\spsetup128.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\Beejous\Downloads\u.exe    Win32/UltraReach potentially unsafe application    deleted - quarantined
C:\Users\Beejous\Downloads\Unconfirmed 157642.crdownload    a variant of Win32/InstallIQ.A potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Unconfirmed 312361.crdownload    a variant of Win32/SoftPulse.S potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\uplayermediaplayer-setup (1).exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\uplayermediaplayer-setup.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Users\Beejous\Downloads\Yahoo Messenger.exe    a variant of Win32/AirAdInstaller.A potentially unwanted application    deleted - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\axxyySivD3\iqYXkUUeOB.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\bekIrOONyx0uS2\IbbFF3pnG.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\CfffEL9gZqjYwIr\QhYYCkVOtxyS1v3.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\dfffRLL9gTXqYCk\QVVVrzzONtx.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\eAAA1uuvS2ob3m5\PLL9XekIrONyAuS.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\finH79jkOu\t7gjIO0iDo4ms.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\j4mssWJ7E8TZqYk\EonnFaHH5sJ7dLZ.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\jK77fELLgTZjCwI\JYYYCkUVrOt0c1v.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\L1ibDoonG4m6Wfg\Eonn4m5sWJdL8qh.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\WoKevJwxGLrbWC0\aEku4ECBiaEXB1p.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11042011_174811\C_Users\Beejous\AppData\Roaming\XRZ99hYXjVelBtP\cyccc11uvD2oFpm.exe    Win32/Adware.WinAntiVirus.AD application    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\11072011_215432\C_Program Files (x86)\BitTorrentBar\tbBitT.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\_OTL\MovedFiles\11072011_215432\C_Program Files (x86)\ConduitEngine\ConduitEngine.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
 



#13 boopme


Posted 01 April 2015 - 02:45 PM

Ok that was good... How is it now?

Just want to do this quick look.
Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.


#14 bjohnson1982


Posted 01 April 2015 - 10:47 PM

It seems better, but I'm going to monitor it over the next day and I'll have a better idea. 

 

Do you want a report from Rkill??

It lists 7 no issues found.



#15 boopme


Posted 02 April 2015 - 11:06 AM

No then, let's just do this and we'll wait a few days.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.




