Jump to content

Trojan BHO.WPO in svchost.exe


Recommended Posts

Hi, I've been having problems with this virus for awhile now. I use AVG antivirus and whenever i scan it always says i have 2 of this type of trojan on my computer. When I hit remove it says they were successfully removed but when i rescan they're back. So I would appreciate it if someone helped me remove this virus,

Link to post
Share on other sites

  • Replies 116
  • Created
  • Last Reply

Top Posters In This Topic

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.


 
 
 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt




Please attach this file to your next reply.

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-08-2014 01

Ran by Justin (administrator) on HOME on 19-08-2014 04:53:29

Running from C:\Users\Justin\Downloads

Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: English (United States)

Internet Explorer Version 9

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe

(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe

() C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe

(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe

( ) C:\Windows\System32\dlbacoms.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

(Lexmark International, Inc.) C:\Windows\System32\spool\drivers\w32x86\3\lxdxserv.exe

( ) C:\Windows\System32\lxdxcoms.exe

(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe

(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe

(Microsoft Corporation) C:\Program Files\Zune\ZuneNss.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

() C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe

(Lexmark International Inc.) C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe

(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe

(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAware.exe

(GFI Software) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\IHAMCNotify.exe

(Microsoft Corporation) C:\Windows\System32\wuauclt.exe

(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]

HKU\.DEFAULT\...\Run: [DelayShred] => c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\rac\appdata\local\temp\Low\GOOGLE~1.SH! C:\Users\RAC\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\S1K3LX7G\INDEX_~2.SH! C:\Users\RAC\AppData\Lo (the data entry has 63 more characters). <===== ATTENTION

HKU\.DEFAULT\...0c966feabec1\InprocServer32: [Default-shell32] C:\Windows\system32\config\systemprofile\AppData\Local\{a91807f3-bc51-d71c-eefe-8807493b10b5}\n. ATTENTION! ====> ZeroAccess/Alureon?

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5717272 2013-12-11] (SUPERAntiSpyware)

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\Run: [Google Update] => C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-11] (Google Inc.)

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\Run: [NextLive] => C:\Windows\system32\rundll32.exe "C:\Users\RAC\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\Run: [browser Infrastructure Helper] => C:\Users\RAC\AppData\Local\Smartbar\Application\Muvic.exe startup

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\Run: [slimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize 

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe [851632 2014-08-06] (Adobe Systems Incorporated)

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\MountPoints2: K - K:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\MountPoints2: {06443e8b-f622-11e2-9986-00219b0a8bab} - K:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\MountPoints2: {1a2c81ca-e444-11e0-a7cb-00219b0a8bab} - J:\PcOptions.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\MountPoints2: {4389e501-83a8-11e1-a980-00219b0a8bab} - J:\PcOptions.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\MountPoints2: {68bf0a62-5c77-11e3-9109-00219b0a8bab} - K:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\MountPoints2: {9f042215-809a-11e1-8175-00219b0a8bab} - J:\PcOptions.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\MountPoints2: {d1e170fe-5c33-11e2-86f5-00219b0a8bab} - J:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1000\...\MountPoints2: {fdf5d809-d591-11e0-82b4-00219b0a8bab} - J:\PcOptions.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [Weather] => C:\Program Files\AWS\WeatherBug\Weather.exe 1

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [swg] => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [DW6] => "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [Exetender] => "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [lime pro] => "C:\Program Files\Lime PRO\LimePro.exe" -h

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [searchEngineProtection] => C:\Program Files\Gamesbar\SearchEngineProtection.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [ares] => "C:\Program Files\Ares\ares.exe" -h

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [uTorrent] => "C:\Program Files\uTorrent\uTorrent.exe"  /MINIMIZED

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [Google Update] => C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-11] (Google Inc.)

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [ROC_ROC_APR2013_AV] => C:\Users\Justin\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid edc7e3b1b51f47d39c5ad168ddee6258-2dece9001358d403473148b4b50201b0a73688ad --CMPID ROC_APR2013_AV --CM (the data entry has 13 more characters).

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\Run: [spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\MountPoints2: {1a2c81ca-e444-11e0-a7cb-00219b0a8bab} - J:\PcOptions.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\MountPoints2: {4389e501-83a8-11e1-a980-00219b0a8bab} - J:\PcOptions.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\MountPoints2: {9f042215-809a-11e1-8175-00219b0a8bab} - J:\PcOptions.exe

HKU\S-1-5-21-3272686857-3468428945-150708638-1001\...\MountPoints2: {fdf5d809-d591-11e0-82b4-00219b0a8bab} - J:\PcOptions.exe

AppInit_DLLs: c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll => c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll File Not Found

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk

ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\RAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

ProxyServer:



HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080929


HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://start.facemoods.com/?a=w7th1

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080929

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080929

HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 

URLSearchHook: HKLM - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files\Connect_DLC_5\prxtbConn.dll No File



SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}


SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60529

SearchScopes: HKCU - {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.iplay.com/searchresults.aspx?o=chrome&q={searchTerms}


SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=ZqLHftNSn2-z88MkkRJG9kT8OYM?q={searchTerms}


SearchScopes: HKCU - {86F14831-D88C-4BC8-B871-C8FB24D95D9B} URL = http://www.questbasic.com/?prt=QstbscWD2&keywords={searchTerms}



SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=222&systemid=1&sr=0&q={searchTerms}

SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2418376


SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80114&lng=en

SearchScopes: HKCU - {E519AA1F-E8A8-47ED-92E3-BCFB65055819} URL = http://search.comcast.net/search?cat=Web&con=toolbar&q={searchTerms}

SearchScopes: HKCU - {E5F5D888-2587-E012-A817-7038F5690F26} URL = http://mmb.bingstart.com/s/?q={searchTerms}&iesrc=IE-SearchBox&site=Bing&cfg=2-152-0-QYbW

 

SearchScopes: HKCU - {E721428C-EC38-4485-A2BA-936A3B4238C5} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1320680

BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File

BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: Wincore Mediabar -> {28387537-e3f9-4ed7-860c-11e69af4a8a0} -> C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll No File

BHO: Ad-Aware Security Add-on -> {6c97a91e-4524-4019-86af-2aa2d567bf5c} -> C:\Program Files\adawaretb\adawareDx.dll ()

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: WordExtra -> {8BA97046-C600-4264-B367-5DEFD9FC505F} -> C:\Users\RAC\AppData\Roaming\WordExtra\temp.dat ()

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO: Updater For XFIN_PORTAL -> {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} -> C:\Program Files\xfin_portal\auxi\comcastAu.dll No File

BHO: Updater For Simppull Toolbar -> {C4B8BAB4-1667-11DF-A242-BA9455D89593} ->  No File

BHO: Connect DLC 5 Toolbar -> {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -> C:\Program Files\Connect_DLC_5\prxtbConn.dll No File

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll No File

Toolbar: HKLM - No Name - !{3392cfec-56f8-41ee-bdb4-4e301efd2c93} -  No File

Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File

Toolbar: HKLM - No Name - !{f92a9fe4-2850-4198-b9d5-279880e49b16} -  No File

Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()

Toolbar: HKLM - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files\Connect_DLC_5\prxtbConn.dll No File

Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File

Toolbar: HKCU - No Name - {9565115D-C7D6-46D3-BD63-B67B481A4368} -  No File

Toolbar: HKCU - No Name - {E30A55B9-F1B7-43A4-B3F6-EC90CDC4FE60} -  No File

Toolbar: HKCU - No Name - {F92A9FE4-2850-4198-B9D5-279880E49B16} -  No File


DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)

Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.4.4

Tcpip\..\Interfaces\{A9E48C68-6CC4-4C13-ACD4-794241AB6C26}: [NameServer]8.8.8.8,8.8.4.4

Tcpip\..\Interfaces\{d8932e52-6a6f-11db-b6ab-806e6f6e6963}: [NameServer]8.8.8.8,8.8.4.4

 

FireFox:

========

FF ProfilePath: C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default

FF NewTab: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0KDOEhEk0ltGEXK0fPnC1SpNg5g2-iFyL99wBcuK_6H9lyFC3n5rcm6KZnCkEY3ATcmP092ldz458lrrX292IMkdUScKZVSCY1-n9ZZK2EI89sTQIkUphHUARSjqkHzg,,

FF DefaultSearchEngine: Web Search

FF SelectedSearchEngine: Web Search

FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0KDOEhEk0ltGEXK0fPnC1SpNg5g2-iFyL99wBcuK_6H9lyFC3n5rcm6KZnCkEY3ATaXcvVpDW81gr5HHgCl2V96iuddIk5onAfrevtmiX7RB3WGRo4Dxpy3Zq0wh60Ew,,

FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0KDOEhEk0ltGEXK0fPnC1SpNg5g2-iFyL99wBcuK_6H9lyFC3n5rcm6KZnCkEY3ATWZygivJbJRU1UuNGvkUOvLQwNx8ZooCSnoz43_zWYDxKn8F-Fh0v5a0s-n4knhQ,,&q=

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)

FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File

FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File

FF Plugin: @oberon-media.com/ONCAdapter -> C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )

FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF user.js: detected! => C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\user.js

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml

FF Extension: Wincore Mediabar - C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\Extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} [2011-12-12]

FF Extension: Test Pilot - C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-03-12]

FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-02-15]

FF Extension: Linksicle - C:\Program Files\Mozilla Firefox\extensions\linksicle@linksicle.com [2014-02-15]

FF Extension: QuestBasic - C:\Program Files\Mozilla Firefox\extensions\{1CE72EFA-E2D1-48FA-A5EC-D7111C2C5BB6} [2014-02-15]

FF Extension: WordExtra - C:\Program Files\Mozilla Firefox\browser\extensions\korey@markus.me [2014-03-03]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-21]

FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn

FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox

FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2012-03-11]

FF HKLM\...\Firefox\Extensions: [linksicle@linksicle.com] - C:\Program Files\Mozilla Firefox\extensions\linksicle@linksicle.com

FF HKCU\...\Firefox\Extensions: [info@friendschecker.com] - C:\Program Files\FriendsChecker\Firefox

FF HKCU\...\Firefox\Extensions: [sp2@sp.com] - C:\Program Files\Social Privacy\FF

 

Chrome: 

=======

CHR HomePage: hxxp://search.imesh.com/

CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()

CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll ()

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Oberon com adapter) - C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (Java Deployment Toolkit 7.0.650.20) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (Java Platform SE 7 U65) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

CHR Extension: (Google Drive) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-12]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-02]

CHR Extension: (YouTube) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-12]

CHR Extension: (iWebar) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2014-03-03]

CHR Extension: (Google Search) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-12]

CHR Extension: (CodecC) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjakmojkcnhgipgkkbiempkfdndcnlah [2012-11-12]

CHR Extension: (Freemake Video Converter) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2012-11-12]

CHR Extension: (Object Browser) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan [2014-03-05]

CHR Extension: (Connect DLC 5) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil [2013-12-19]

CHR Extension: (Video-for-PC-1.2) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna [2014-08-02]

CHR Extension: (Google Wallet) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]

CHR Extension: (Lavasoft NewTab) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2013-06-28]

CHR Extension: (Gmail) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-12]

CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\RAC\AppData\Local\Temp\ccex.crx [2012-11-12]

CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-11-12]

CHR HKLM\...\Chrome\Extension: [gohhkpbcblcpnaghfmnkfangnkkagacg] - C:\Program Files\Linksicle\Chrome\gohhkpbcblcpnaghfmnkfangnkkagacg.crx [2012-11-12]

CHR HKLM\...\Chrome\Extension: [hjakmojkcnhgipgkkbiempkfdndcnlah] - C:\ProgramData\CodecC\hjakmojkcnhgipgkkbiempkfdndcnlah.crx [2012-04-01]

CHR HKLM\...\Chrome\Extension: [ippenodjaoidmkkfdlmdhofiebnpjddb] - C:\Program Files\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx [2012-04-01]

CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-03-11]

CHR HKLM\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\RAC\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-12-12]

CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\adawaretb\chrome-newtab-search.crx [2013-06-13]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

========================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com) [File not signed]

R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)

R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)

R2 AntiSpywareService; C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [616408 2009-06-17] ()

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)

S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-07-22] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-22] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [777944 2014-07-22] (BlueStack Systems, Inc.)

R2 dlba_device; C:\Windows\system32\dlbacoms.exe [538096 2007-03-05] ( )

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-05-02] (Stardock Corporation)

R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [358984 2014-05-21] (Verizon) [File not signed]

R2 lxdxCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe [98984 2009-08-19] (Lexmark International, Inc.)

R2 lxdx_device; C:\Windows\system32\lxdxcoms.exe [594600 2008-02-27] ( )

R2 SBAMSvc; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)

R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

S2 Update BrowseSmart; "C:\Program Files\BrowseSmart\updateBrowseSmart.exe" [X]

S2 Util BrowseSmart; "C:\Program Files\BrowseSmart\bin\utilBrowseSmart.exe" [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [199960 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)

R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-07-22] (BlueStack Systems)

R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2014-08-09] (GFI Software)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-12-27] (Malwarebytes Corporation)

R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-08-18] ()

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)

S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]

U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [26600 2009-05-18] (GEAR Software Inc.)

S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 MREMP50; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [X]

S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]

S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]

S3 MRESP50; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]

S1 {7f2b4ad0-671a-477b-bcd4-79d041f50d27}Gt; system32\drivers\{7f2b4ad0-671a-477b-bcd4-79d041f50d27}Gt.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-19 04:53 - 2014-08-19 04:54 - 00038726 _____ () C:\Users\Justin\Downloads\FRST.txt

2014-08-19 04:53 - 2014-08-19 04:53 - 00000000 ____D () C:\FRST

2014-08-19 04:52 - 2014-08-19 04:52 - 01093632 _____ (Farbar) C:\Users\Justin\Downloads\FRST.exe

2014-08-18 20:02 - 2014-08-18 20:02 - 00000000 ____D () C:\Users\RAC\AppData\Local\{562DE164-FD30-4F3D-A9D3-FE3759BF540D}

2014-08-17 01:35 - 2014-08-17 01:46 - 00000000 ____D () C:\Program Files\Audacity

2014-08-17 01:35 - 2014-08-17 01:35 - 00000818 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk

2014-08-17 01:35 - 2014-08-17 01:35 - 00000806 _____ () C:\Users\Public\Desktop\Audacity.lnk

2014-08-17 00:30 - 2014-08-17 00:31 - 22180353 _____ (Audacity Team ) C:\Users\Justin\Downloads\audacity-win-2.0.5.exe

2014-08-17 00:25 - 2014-08-17 00:25 - 01445348 _____ () C:\Users\Justin\Downloads\lame-3.99.5.tar.gz

2014-08-15 19:31 - 2014-08-15 19:31 - 00001917 _____ () C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OldSchool RuneScape.lnk

2014-08-15 19:31 - 2014-08-15 19:31 - 00001887 _____ () C:\Users\Justin\Desktop\OldSchool RuneScape.lnk

2014-08-15 19:31 - 2014-08-15 19:31 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OldSchool RuneScape

2014-08-15 19:29 - 2014-08-15 19:30 - 23646208 _____ () C:\Users\Justin\Downloads\OldSchool.msi

2014-08-15 02:39 - 2014-08-15 02:39 - 00000522 _____ () C:\cleanup.bat

2014-08-15 02:38 - 2014-08-15 02:39 - 07615636 _____ () C:\Users\Justin\Desktop\AVG_SysInfo_15-08-2014_07h-38m.7z

2014-08-15 02:34 - 2014-08-15 02:34 - 00000000 ____D () C:\Users\Justin\AppData\Local\Avg

2014-08-15 02:11 - 2014-08-15 02:39 - 00000000 ____D () C:\AVG_SysInfo

2014-08-15 02:11 - 2014-08-15 02:11 - 04020096 _____ ( ) C:\Users\Justin\Downloads\AVG_SysInfo.exe

2014-08-15 02:06 - 2014-08-15 02:06 - 00000000 _____ () C:\Windows\setuperr.log

2014-08-15 02:06 - 2014-08-15 02:06 - 00000000 _____ () C:\Windows\setupact.log

2014-08-14 21:01 - 2014-08-15 00:15 - 00149430 _____ () C:\rmall.log

2014-08-14 20:57 - 2014-08-14 20:57 - 73901208 _____ () C:\Users\Justin\Desktop\VirusRemover.log

2014-08-14 20:56 - 2014-08-14 20:57 - 73901208 _____ () C:\VirusRemover.log

2014-08-14 18:05 - 2014-08-14 18:05 - 03440688 _____ (AVG Technologies CZ) C:\Users\Justin\Downloads\avg_remover_all(1).exe

2014-08-14 03:00 - 2014-07-31 23:42 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-08-13 03:12 - 2014-06-26 18:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-08-13 03:12 - 2014-06-26 18:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-08-13 03:12 - 2014-06-26 18:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-08-13 03:12 - 2014-06-06 00:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-08-12 18:03 - 2014-07-25 00:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-12 18:03 - 2014-07-24 22:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-12 18:03 - 2014-07-24 14:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-12 18:03 - 2014-07-24 13:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-08-12 18:03 - 2014-07-24 13:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-12 18:03 - 2014-07-24 13:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-12 18:03 - 2014-07-24 13:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-12 18:03 - 2014-07-24 13:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-12 18:03 - 2014-07-24 13:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-08-12 18:03 - 2014-07-24 13:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-12 18:03 - 2014-07-24 13:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-12 18:03 - 2014-07-24 13:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-08-12 18:03 - 2014-07-24 13:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-12 18:03 - 2014-07-24 13:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-12 18:03 - 2014-07-24 13:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-12 18:03 - 2014-07-24 13:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-12 18:03 - 2014-07-24 13:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-12 18:03 - 2014-07-24 13:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-12 18:03 - 2014-07-24 13:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-12 18:03 - 2014-07-24 13:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-08-12 18:03 - 2014-07-24 13:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-08-12 18:03 - 2014-07-24 13:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-08-12 18:03 - 2014-07-24 13:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-08-12 18:03 - 2014-07-07 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-08-12 18:03 - 2014-06-13 20:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-08-12 18:03 - 2014-06-13 20:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-08-12 18:03 - 2014-06-02 06:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-08-12 18:03 - 2014-06-02 06:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-08-12 18:03 - 2014-06-02 06:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-08-12 18:03 - 2014-06-02 06:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2014-08-12 18:03 - 2014-06-02 04:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-08-10 04:31 - 2014-08-10 04:31 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll

2014-08-10 04:25 - 2014-08-10 04:25 - 00918440 _____ (Oracle Corporation) C:\Users\Justin\Downloads\jre-7u67-windows-i586-iftw.exe

2014-08-09 01:18 - 2014-08-09 01:18 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft

2014-08-09 01:17 - 2014-08-09 01:17 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\LavasoftStatistics

2014-08-08 16:44 - 2014-08-08 16:44 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-08-08 16:44 - 2014-08-08 16:44 - 00000848 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-08-08 16:44 - 2014-08-08 16:44 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-08-08 16:40 - 2014-08-08 16:41 - 00244120 _____ () C:\Users\Justin\Downloads\Firefox Setup Stub 31.0.exe

2014-08-08 01:34 - 2014-08-08 01:35 - 00000000 ____D () C:\Users\Public\Desktop\CC Support

2014-08-08 01:16 - 2014-08-13 01:34 - 00001929 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-08-08 01:16 - 2014-08-08 01:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-08-08 01:15 - 2014-08-18 20:37 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-08 01:15 - 2014-08-17 18:26 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-07 19:38 - 2014-08-07 19:38 - 00000000 ____D () C:\Users\Justin\.android

2014-08-07 19:30 - 2014-08-07 19:30 - 00001678 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk

2014-08-07 19:28 - 2014-08-07 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

2014-08-07 19:28 - 2014-08-07 19:29 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-08-07 19:28 - 2014-08-07 19:29 - 00000000 ____D () C:\Program Files\BlueStacks

2014-08-07 19:27 - 2014-08-07 19:27 - 00000027 _____ () C:\Users\Justin\Documents\jp bf info.txt

2014-08-07 19:24 - 2014-08-07 19:24 - 00000000 ____D () C:\Users\Justin\AppData\Local\Bluestacks

2014-08-07 19:22 - 2014-08-07 19:22 - 13045984 _____ (BlueStack Systems Inc.) C:\Users\Justin\Downloads\BlueStacks-SplitInstaller_native_c.exe

2014-08-07 04:05 - 2014-08-07 04:06 - 68620242 _____ () C:\Users\Justin\Documents\clip0095.avi

2014-08-07 02:58 - 2014-08-07 03:14 - 50151668 _____ () C:\Users\Justin\Documents\clip0094.avi

2014-08-06 23:04 - 2014-08-06 23:04 - 00000000 ____D () C:\Users\Justin\AppData\Local\Adobe

2014-08-06 03:04 - 2014-08-06 03:06 - 04257920 _____ (Gaijin Entertainment ) C:\Users\Justin\Downloads\wt_launcher_doi_1.0.1.388.exe

2014-08-02 15:13 - 2014-08-16 18:04 - 01550352 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-08-02 13:40 - 2014-08-02 13:40 - 00001917 _____ () C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk

2014-08-02 13:40 - 2014-08-02 13:40 - 00001887 _____ () C:\Users\Justin\Desktop\RuneScape.lnk

2014-08-02 13:40 - 2014-08-02 13:40 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape

2014-08-02 13:38 - 2014-08-02 13:39 - 23810048 _____ () C:\Users\Justin\Downloads\RuneScape (2).msi

2014-08-02 11:38 - 2014-08-02 11:39 - 00000000 ____D () C:\Users\RAC\AppData\Local\{381104DD-2A7B-4A8D-9D6E-68782F6F1A97}

2014-08-02 11:27 - 2014-08-15 19:33 - 00000000 ____D () C:\Users\Justin\jagexcache

2014-08-02 11:24 - 2014-08-02 11:24 - 23810048 _____ () C:\Users\Justin\Downloads\RuneScape (1).msi

2014-08-02 10:49 - 2014-08-02 10:49 - 04814696 _____ (Piriform Ltd) C:\Users\Justin\Downloads\ccsetup416pro.exe

2014-08-02 01:11 - 2014-08-02 05:24 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

2014-08-02 01:10 - 2014-08-18 20:36 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job

2014-08-02 01:10 - 2014-08-13 00:33 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

2014-08-02 01:07 - 2014-08-02 01:07 - 00001972 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2014-08-02 01:07 - 2014-08-02 01:07 - 00001960 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2014-08-02 01:07 - 2014-08-02 01:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2014-08-02 01:06 - 2014-08-06 00:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-08-02 01:06 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe

2014-08-02 01:05 - 2014-08-02 06:54 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2

2014-08-02 01:01 - 2014-08-02 01:04 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Justin\Downloads\spybot-2.4.exe

2014-08-02 00:07 - 2014-08-02 00:07 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-08-02 00:07 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-08-02 00:06 - 2014-07-11 03:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-08-02 00:06 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-08-02 00:06 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-08-01 23:33 - 2014-08-14 17:52 - 00000800 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-08-01 23:33 - 2014-08-14 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-08-01 23:13 - 2014-08-01 23:13 - 04755832 _____ (AVG Technologies) C:\Users\Justin\Downloads\avg_free_stb_all_2014_4744_cnet.exe

2014-08-01 23:11 - 2014-08-01 23:11 - 04755832 _____ (AVG Technologies) C:\Users\Justin\Downloads\avg_isct_stb_all_2014_4744.exe

2014-08-01 23:11 - 2014-08-01 23:11 - 04755832 _____ (AVG Technologies) C:\Users\Justin\Downloads\avg_isct_stb_all_2014_4744 (1).exe

2014-08-01 22:34 - 2014-06-06 04:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-08-01 22:34 - 2014-05-30 02:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-08-01 22:34 - 2014-04-26 12:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-08-01 22:34 - 2014-04-04 23:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-08-01 22:34 - 2014-04-04 21:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-08-01 22:34 - 2014-03-25 09:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-08-01 22:34 - 2014-03-09 21:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-08-01 22:34 - 2014-03-09 21:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-08-01 22:33 - 2014-02-05 21:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-19 04:54 - 2014-08-19 04:53 - 00038726 _____ () C:\Users\Justin\Downloads\FRST.txt

2014-08-19 04:53 - 2014-08-19 04:53 - 00000000 ____D () C:\FRST

2014-08-19 04:52 - 2014-08-19 04:52 - 01093632 _____ (Farbar) C:\Users\Justin\Downloads\FRST.exe

2014-08-19 04:51 - 2006-11-02 08:45 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-19 04:51 - 2006-11-02 08:45 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-19 04:47 - 2013-03-01 21:48 - 00000024 _____ () C:\Users\Justin\random.dat

2014-08-19 04:37 - 2013-02-21 03:24 - 01828958 _____ () C:\Windows\WindowsUpdate.log

2014-08-19 02:03 - 2014-03-03 08:50 - 00000024 _____ () C:\Users\Justin\jagexappletviewer.preferences

2014-08-18 21:17 - 2011-12-06 11:45 - 00000045 ____H () C:\Users\Justin\jagex_cl_runescape_LIVE.dat

2014-08-18 20:37 - 2014-08-08 01:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-18 20:36 - 2014-08-02 01:10 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job

2014-08-18 20:36 - 2014-03-10 15:07 - 00000390 _____ () C:\Windows\Tasks\DriverUpdate Startup.job

2014-08-18 20:36 - 2014-03-04 12:04 - 00002568 _____ () C:\Windows\Tasks\Video-for-PC-1.2-firefoxinstaller.job

2014-08-18 20:36 - 2014-03-04 12:04 - 00001524 _____ () C:\Windows\Tasks\Video-for-PC-1.2-updater.job

2014-08-18 20:36 - 2014-03-04 12:04 - 00001480 _____ () C:\Windows\Tasks\Video-for-PC-1.2-codedownloader.job

2014-08-18 20:36 - 2014-03-04 12:04 - 00001378 _____ () C:\Windows\Tasks\Video-for-PC-1.2-enabler.job

2014-08-18 20:36 - 2014-03-04 12:03 - 00003096 _____ () C:\Windows\Tasks\Video-for-PC-1.2-chromeinstaller.job

2014-08-18 20:36 - 2011-11-11 14:05 - 00000416 _____ () C:\Windows\Tasks\PCConfidential.job

2014-08-18 20:36 - 2011-06-16 18:50 - 00000402 _____ () C:\Windows\Tasks\PC Optimizer Pro startups.job

2014-08-18 20:27 - 2011-11-23 18:40 - 00000000 ____D () C:\Users\RAC\Desktop\Justin's St00f

2014-08-18 20:22 - 2011-06-16 18:26 - 00000000 ____D () C:\Users\RAC\Documents\Disputes

2014-08-18 20:22 - 2011-06-14 17:16 - 00000000 ____D () C:\Users\RAC\Documents\Photos

2014-08-18 20:02 - 2014-08-18 20:02 - 00000000 ____D () C:\Users\RAC\AppData\Local\{562DE164-FD30-4F3D-A9D3-FE3759BF540D}

2014-08-18 20:01 - 2010-03-11 15:58 - 00000000 ____D () C:\Users\RAC\Tracing

2014-08-18 20:00 - 2014-03-10 15:06 - 00013464 _____ () C:\Windows\system32\Drivers\SWDUMon.sys

2014-08-18 18:29 - 2013-03-02 02:45 - 00000000 ____D () C:\ProgramData\MFAData

2014-08-17 18:47 - 2012-08-30 23:07 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272686857-3468428945-150708638-1000UA.job

2014-08-17 18:26 - 2014-08-08 01:15 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-17 18:08 - 2012-08-24 14:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-17 12:38 - 2014-03-12 09:54 - 00000426 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - RAC).job

2014-08-17 11:47 - 2012-08-30 23:07 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272686857-3468428945-150708638-1000Core.job

2014-08-17 06:03 - 2012-10-16 06:13 - 00000434 _____ () C:\Windows\Tasks\PC Optimizer Pro Updates.job

2014-08-17 02:37 - 2013-03-25 13:50 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Audacity

2014-08-17 01:46 - 2014-08-17 01:35 - 00000000 ____D () C:\Program Files\Audacity

2014-08-17 01:35 - 2014-08-17 01:35 - 00000818 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk

2014-08-17 01:35 - 2014-08-17 01:35 - 00000806 _____ () C:\Users\Public\Desktop\Audacity.lnk

2014-08-17 00:31 - 2014-08-17 00:30 - 22180353 _____ (Audacity Team ) C:\Users\Justin\Downloads\audacity-win-2.0.5.exe

2014-08-17 00:25 - 2014-08-17 00:25 - 01445348 _____ () C:\Users\Justin\Downloads\lame-3.99.5.tar.gz

2014-08-16 19:05 - 2012-11-21 11:42 - 00000000 ____D () C:\Program Files\CCleaner

2014-08-16 18:05 - 2006-11-02 08:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-16 18:04 - 2014-08-02 15:13 - 01550352 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-08-16 18:01 - 2006-11-02 08:58 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-08-15 19:33 - 2014-08-02 11:27 - 00000000 ____D () C:\Users\Justin\jagexcache

2014-08-15 19:33 - 2013-03-01 21:48 - 00000045 _____ () C:\Users\Justin\jagex_cl_oldschool_LIVE.dat

2014-08-15 19:31 - 2014-08-15 19:31 - 00001917 _____ () C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OldSchool RuneScape.lnk

2014-08-15 19:31 - 2014-08-15 19:31 - 00001887 _____ () C:\Users\Justin\Desktop\OldSchool RuneScape.lnk

2014-08-15 19:31 - 2014-08-15 19:31 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OldSchool RuneScape

2014-08-15 19:30 - 2014-08-15 19:29 - 23646208 _____ () C:\Users\Justin\Downloads\OldSchool.msi

2014-08-15 09:26 - 2014-03-04 12:05 - 00000366 _____ () C:\Windows\Tasks\APSnotifierCA.job

2014-08-15 02:39 - 2014-08-15 02:39 - 00000522 _____ () C:\cleanup.bat

2014-08-15 02:39 - 2014-08-15 02:38 - 07615636 _____ () C:\Users\Justin\Desktop\AVG_SysInfo_15-08-2014_07h-38m.7z

2014-08-15 02:39 - 2014-08-15 02:11 - 00000000 ____D () C:\AVG_SysInfo

2014-08-15 02:34 - 2014-08-15 02:34 - 00000000 ____D () C:\Users\Justin\AppData\Local\Avg

2014-08-15 02:11 - 2014-08-15 02:11 - 04020096 _____ ( ) C:\Users\Justin\Downloads\AVG_SysInfo.exe

2014-08-15 02:06 - 2014-08-15 02:06 - 00000000 _____ () C:\Windows\setuperr.log

2014-08-15 02:06 - 2014-08-15 02:06 - 00000000 _____ () C:\Windows\setupact.log

2014-08-15 00:58 - 2011-11-11 22:04 - 00000000 ____D () C:\Windows\Minidump

2014-08-15 00:15 - 2014-08-14 21:01 - 00149430 _____ () C:\rmall.log

2014-08-14 20:57 - 2014-08-14 20:57 - 73901208 _____ () C:\Users\Justin\Desktop\VirusRemover.log

2014-08-14 20:57 - 2014-08-14 20:56 - 73901208 _____ () C:\VirusRemover.log

2014-08-14 18:05 - 2014-08-14 18:05 - 03440688 _____ (AVG Technologies CZ) C:\Users\Justin\Downloads\avg_remover_all(1).exe

2014-08-14 17:52 - 2014-08-01 23:33 - 00000800 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-08-14 17:52 - 2014-08-01 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-08-14 17:33 - 2013-08-15 03:07 - 00000000 ____D () C:\Windows\system32\MRT

2014-08-14 17:24 - 2013-06-25 11:51 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection

2014-08-13 06:24 - 2013-10-14 20:08 - 00000000 ____D () C:\ProgramData\AVG2014

2014-08-13 03:50 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache

2014-08-13 03:49 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-08-13 03:41 - 2006-11-02 06:33 - 00765776 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-13 01:34 - 2014-08-08 01:16 - 00001929 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-08-13 00:33 - 2014-08-02 01:10 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

2014-08-10 04:31 - 2014-08-10 04:31 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll

2014-08-10 04:31 - 2008-09-29 06:37 - 00000000 ____D () C:\Windows\system32\RTCOM

2014-08-10 04:30 - 2013-12-17 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter

2014-08-10 04:25 - 2014-08-10 04:25 - 00918440 _____ (Oracle Corporation) C:\Users\Justin\Downloads\jre-7u67-windows-i586-iftw.exe

2014-08-10 01:25 - 2012-02-17 03:19 - 00000000 ____D () C:\ProgramData\Freemake

2014-08-10 01:22 - 2013-12-17 18:39 - 00000000 ____D () C:\Program Files\DSP-worx

2014-08-09 09:20 - 2006-11-02 07:18 - 00000000 ____D () C:\Program Files\Common Files\System

2014-08-09 09:15 - 2013-11-18 22:57 - 00000000 ____D () C:\Program Files\sp

2014-08-09 09:14 - 2014-03-04 12:03 - 00000000 ____D () C:\Program Files\Video-for-PC-1.2

2014-08-09 01:18 - 2014-08-09 01:18 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft

2014-08-09 01:17 - 2014-08-09 01:17 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\LavasoftStatistics

2014-08-09 01:17 - 2013-06-25 11:51 - 00000000 ____D () C:\ProgramData\Lavasoft

2014-08-09 01:17 - 2013-06-25 11:47 - 00044424 _____ (GFI Software) C:\Windows\system32\sbbd.exe

2014-08-09 01:17 - 2013-06-25 11:47 - 00013560 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys

2014-08-08 23:42 - 2012-03-05 14:47 - 00006826 _____ () C:\Windows\WININIT.INI

2014-08-08 22:00 - 2014-02-18 16:39 - 00000936 _____ () C:\Users\Public\Desktop\Vz  In-Home Agent.lnk

2014-08-08 16:44 - 2014-08-08 16:44 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-08-08 16:44 - 2014-08-08 16:44 - 00000848 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-08-08 16:44 - 2014-08-08 16:44 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-08-08 16:44 - 2014-02-15 15:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-08-08 16:41 - 2014-08-08 16:40 - 00244120 _____ () C:\Users\Justin\Downloads\Firefox Setup Stub 31.0.exe

2014-08-08 01:35 - 2014-08-08 01:34 - 00000000 ____D () C:\Users\Public\Desktop\CC Support

2014-08-08 01:16 - 2014-08-08 01:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-08-08 01:16 - 2008-09-29 11:55 - 00000000 ____D () C:\Program Files\Google

2014-08-07 19:38 - 2014-08-07 19:38 - 00000000 ____D () C:\Users\Justin\.android

2014-08-07 19:38 - 2011-11-24 11:57 - 00000000 ___HD () C:\Users\Justin

2014-08-07 19:30 - 2014-08-07 19:30 - 00001678 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk

2014-08-07 19:29 - 2014-08-07 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

2014-08-07 19:29 - 2014-08-07 19:28 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-08-07 19:29 - 2014-08-07 19:28 - 00000000 ____D () C:\Program Files\BlueStacks

2014-08-07 19:27 - 2014-08-07 19:27 - 00000027 _____ () C:\Users\Justin\Documents\jp bf info.txt

2014-08-07 19:24 - 2014-08-07 19:24 - 00000000 ____D () C:\Users\Justin\AppData\Local\Bluestacks

2014-08-07 19:22 - 2014-08-07 19:22 - 13045984 _____ (BlueStack Systems Inc.) C:\Users\Justin\Downloads\BlueStacks-SplitInstaller_native_c.exe

2014-08-07 04:06 - 2014-08-07 04:05 - 68620242 _____ () C:\Users\Justin\Documents\clip0095.avi

2014-08-07 03:25 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\LogFiles

2014-08-07 03:14 - 2014-08-07 02:58 - 50151668 _____ () C:\Users\Justin\Documents\clip0094.avi

2014-08-06 23:04 - 2014-08-06 23:04 - 00000000 ____D () C:\Users\Justin\AppData\Local\Adobe

2014-08-06 21:42 - 2012-08-24 14:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-08-06 21:42 - 2011-06-12 09:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-08-06 03:06 - 2014-08-06 03:04 - 04257920 _____ (Gaijin Entertainment ) C:\Users\Justin\Downloads\wt_launcher_doi_1.0.1.388.exe

2014-08-06 00:30 - 2014-08-02 01:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-08-02 13:40 - 2014-08-02 13:40 - 00001917 _____ () C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk

2014-08-02 13:40 - 2014-08-02 13:40 - 00001887 _____ () C:\Users\Justin\Desktop\RuneScape.lnk

2014-08-02 13:40 - 2014-08-02 13:40 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape

2014-08-02 13:39 - 2014-08-02 13:38 - 23810048 _____ () C:\Users\Justin\Downloads\RuneScape (2).msi

2014-08-02 11:54 - 2014-03-04 12:04 - 00000000 ____D () C:\Users\RAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup

2014-08-02 11:51 - 2014-03-12 09:53 - 00000000 ____D () C:\Program Files\SlimCleaner Plus

2014-08-02 11:49 - 2009-03-09 08:44 - 00000000 ____D () C:\Users\RAC\AppData\Roaming\Mozilla

2014-08-02 11:47 - 2014-03-05 08:58 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar

2014-08-02 11:42 - 2009-10-25 18:36 - 00000000 ____D () C:\Program Files\Yahoo!

2014-08-02 11:39 - 2014-08-02 11:38 - 00000000 ____D () C:\Users\RAC\AppData\Local\{381104DD-2A7B-4A8D-9D6E-68782F6F1A97}

2014-08-02 11:32 - 2014-03-12 11:36 - 00000000 ____D () C:\ProgramData\BoostSoftware

2014-08-02 11:24 - 2014-08-02 11:24 - 23810048 _____ () C:\Users\Justin\Downloads\RuneScape (1).msi

2014-08-02 10:50 - 2012-11-21 11:42 - 00000806 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-08-02 10:50 - 2012-11-21 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-08-02 10:49 - 2014-08-02 10:49 - 04814696 _____ (Piriform Ltd) C:\Users\Justin\Downloads\ccsetup416pro.exe

2014-08-02 10:37 - 2006-11-02 06:23 - 00000246 _____ () C:\Windows\win.ini

2014-08-02 06:54 - 2014-08-02 01:05 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2

2014-08-02 05:24 - 2014-08-02 01:11 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

2014-08-02 05:23 - 2009-11-20 18:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-08-02 03:23 - 2010-06-05 03:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-08-02 02:51 - 2013-12-17 17:17 - 00000000 ____D () C:\Users\RAC\AppData\Roaming\newnext.me

2014-08-02 02:49 - 2014-03-04 12:03 - 00000000 ____D () C:\Users\RAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage

2014-08-02 02:21 - 2014-03-04 12:04 - 00000000 ____D () C:\Users\RAC\AppData\Local\LPT

2014-08-02 02:19 - 2013-12-17 17:17 - 00000000 ____D () C:\Users\RAC\AppData\Local\genienext

2014-08-02 01:46 - 2012-02-10 16:46 - 00000000 ____D () C:\temp

2014-08-02 01:07 - 2014-08-02 01:07 - 00001972 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2014-08-02 01:07 - 2014-08-02 01:07 - 00001960 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2014-08-02 01:07 - 2014-08-02 01:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2014-08-02 01:04 - 2014-08-02 01:01 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Justin\Downloads\spybot-2.4.exe

2014-08-02 01:04 - 2014-03-04 12:06 - 00000000 ____D () C:\Program Files\LPT

2014-08-02 01:04 - 2013-12-17 17:17 - 00000000 ____D () C:\Program Files\Mobogenie

2014-08-02 00:49 - 2014-03-04 12:03 - 00000000 ____D () C:\Program Files\AnyProtectEx

2014-08-02 00:19 - 2012-12-29 20:06 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2014-08-02 00:07 - 2014-08-02 00:07 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-08-02 00:06 - 2013-06-24 09:36 - 00000000 ____D () C:\Program Files\Java

2014-08-01 23:40 - 2013-12-19 08:17 - 00068232 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT

2014-08-01 23:32 - 2013-03-13 18:09 - 00000000 ___HD () C:\$AVG

2014-08-01 23:26 - 2013-06-25 11:55 - 00000000 ____D () C:\ProgramData\Ad-Aware Antivirus

2014-08-01 23:13 - 2014-08-01 23:13 - 04755832 _____ (AVG Technologies) C:\Users\Justin\Downloads\avg_free_stb_all_2014_4744_cnet.exe

2014-08-01 23:11 - 2014-08-01 23:11 - 04755832 _____ (AVG Technologies) C:\Users\Justin\Downloads\avg_isct_stb_all_2014_4744.exe

2014-08-01 23:11 - 2014-08-01 23:11 - 04755832 _____ (AVG Technologies) C:\Users\Justin\Downloads\avg_isct_stb_all_2014_4744 (1).exe

2014-08-01 22:59 - 2013-11-21 20:57 - 00000000 ____D () C:\Users\Justin\AppData\Local\Avg2014

2014-07-31 23:42 - 2014-08-14 03:00 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-25 00:26 - 2014-08-12 18:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-07-24 22:53 - 2014-08-12 18:03 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-24 14:07 - 2014-08-12 18:03 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-24 13:58 - 2014-08-12 18:03 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-24 13:57 - 2014-08-12 18:03 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-24 13:52 - 2014-08-12 18:03 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-24 13:51 - 2014-08-12 18:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-24 13:51 - 2014-08-12 18:03 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-24 13:50 - 2014-08-12 18:03 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-07-24 13:50 - 2014-08-12 18:03 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-24 13:49 - 2014-08-12 18:03 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-24 13:49 - 2014-08-12 18:03 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-07-24 13:49 - 2014-08-12 18:03 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-24 13:49 - 2014-08-12 18:03 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-24 13:49 - 2014-08-12 18:03 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-24 13:48 - 2014-08-12 18:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-24 13:48 - 2014-08-12 18:03 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-24 13:48 - 2014-08-12 18:03 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-24 13:48 - 2014-08-12 18:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-24 13:48 - 2014-08-12 18:03 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-07-24 13:48 - 2014-08-12 18:03 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-07-24 13:48 - 2014-08-12 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-07-24 13:47 - 2014-08-12 18:03 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

 

ZeroAccess:

C:\Windows\System32\config\systemprofile\AppData\Local\{a91807f3-bc51-d71c-eefe-8807493b10b5}

C:\Windows\System32\config\systemprofile\AppData\Local\{a91807f3-bc51-d71c-eefe-8807493b10b5}\@

 

Files to move or delete:

====================

C:\ProgramData\bos821Dyr.dat

C:\Users\Justin\jagex_cl_oldschool_LIVE.dat

C:\Users\Justin\jagex_cl_runescape_LIVE.dat

C:\Users\Justin\jagex_cl_runescape_LIVE1.dat

C:\Users\Justin\jagex_cl_runescape_LIVE_BETA.dat

C:\Users\Justin\random.dat

C:\Users\Public\RemoveSGP.exe

C:\Users\Public\RemoveSGP0.exe

C:\Users\RAC\dementhium_runescape_preferences.dat

C:\Users\RAC\dementhium_runescape_preferences2.dat

C:\Users\RAC\jagex_cl_loginapplet_LIVE.dat

C:\Users\RAC\jagex_cl_oldschool_LIVE.dat

C:\Users\RAC\jagex_cl_runescape_LIVE.dat

C:\Users\RAC\jagex_cl_runescape_LIVE1.dat

C:\Users\RAC\jagex_cl_runescape_LIVE_BETA.dat

C:\Users\RAC\jagex_runescape_preferences.dat

C:\Users\RAC\jagex_runescape_preferences2.dat

C:\Users\RAC\jagex__preferences3.dat

C:\Users\RAC\MetricCollection.dll

C:\Users\RAC\random.dat

 

 

Some content of TEMP:

====================

C:\Users\RAC\AppData\Local\Temp\UNINSTALL.EXE

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-08-18 18:22

 

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-08-2014 01

Ran by Justin at 2014-08-19 04:55:18

Running from C:\Users\Justin\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Lavasoft Ad-Aware (Disabled - Up to date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Lavasoft Ad-Aware (Disabled - Up to date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}

AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: Lavasoft Ad-Aware (Disabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)

Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden

Ad-Aware Antivirus (HKLM\...\{944167EA-7F89-4705-8DCD-1D63B53141B0}) (Version: 10.5.3.4405 - Lavasoft)

Ad-Aware Security Add-on (HKLM\...\adawaretb) (Version: 3.1.0.2 - Lavasoft)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)

Adobe AIR (Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden

Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)

Adobe Download Assistant (Version: 1.2.3 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Photoshop Elements 11 (HKLM\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)

Adobe Photoshop Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden

Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)

Apple Application Support (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{459699C3-9430-4381-964B-4248D87B49F9}) (Version: 6.0.1.3 - Apple Inc.)

Apple Software Update (HKLM\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)

Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ATTENTION

Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4745 - AVG Technologies)

AVG 2014 (Version: 14.0.4007 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4745 - AVG Technologies) Hidden

BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.0.4049 - BlueStack Systems, Inc.)

BlueStacks Notification Center (HKLM\...\{50DA15C1-0161-40EE-A325-0BE5BA03C026}) (Version: 0.9.0.4049 - BlueStack Systems, Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)

Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Conexant D850 PCI V.92 Modem (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.74.00 - Conexant)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Best of Web (HKLM\...\{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}) (Version: 1.00.0000 - Dell)

Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)

Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.1.08060 - Dell)

Dell-eBay (HKLM\...\{B935C985-A17F-484B-8470-09E4FC27DC26}) (Version: 1.00.0000 - Dell)

Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)

DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)

DriverUpdate (HKLM\...\{2B353DA2-A8FD-4238-B207-62A1921158D7}) (Version: 2.2.35415 - SlimWare Utilities, Inc.)

EarthLink Setup Files (HKLM\...\{255909FA-8E58-4BC2-A83A-3C71EB5DD6EC}) (Version: 2008.1.18.0 - EarthLink, Inc.)

Elements 11 Organizer (Version: 11.0 - Adobe Systems Incorporated) Hidden

EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)

Freemake Video Converter version 3.0.1 (HKLM\...\Freemake Video Converter_is1) (Version: 3.0.1 - Ellora Assets Corporation)

GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)

Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)

Google Talk Plugin (HKLM\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden

Horizon v2.7.3.0 (HKLM\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.3.0 - Daring Development Inc.)

HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.27.01 - Hyperionics Technology LLC)

IHA_MessageCenter (HKLM\...\{45F447E8-E029-4CA5-B4CD-38820D4CFE5D}) (Version: 1.9.7 - Verizon)

Intel® PRO Network Connections 12.1.11.0 (HKLM\...\PROSetDX) (Version:  - Intel)

Intel® PRO Network Connections 12.1.11.0 (Version:  - Intel) Hidden

iTunes (HKLM\...\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}) (Version: 11.0.1.12 - Apple Inc.)

Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.650 - Oracle)

Java Auto Updater (Version: 2.1.65.20 - Oracle, Inc.) Hidden

Java 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Lagarith Lossless Codec (1.3.27) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )

Lexmark 3600-4600 Series (HKLM\...\Lexmark 3600-4600 Series) (Version:  - Lexmark International, Inc.)

LPT System Updater Service (Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

mmth (HKLM\...\{24217A28-B8A8-402B-AF46-C80694D86AC6}) (Version: 1.0.0 - FileSubmit)

Modem Diagnostic Tool (HKLM\...\{294EAADF-E50F-4DD8-AD8D-19587EA10512}) (Version: 1.0.24.0 - Dell)

Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)

MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MusicOasis (HKLM\...\MusicOasis) (Version: 1.0.3 - W3i, LLC)

MusicOasis (Version: 1.0.3 - W3i, LLC) Hidden

Muvic Smartbar (HKLM\...\{AA236AFD-B26E-4BC7-9A13-76BD5F9887AC}) (Version: 10.211.58.15493 - PinWid Ltd.) <==== ATTENTION

NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.53 - BVRP Software, Inc)

OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden

OldSchool RuneScape Launcher 1.2.3 (HKLM\...\{CCCEAAD4-3D2F-42C1-9AAA-08D458DB3509}) (Version: 1.2.3 - Jagex Ltd)

PSE11 STI Installer (Version: 11.0 - Adobe Systems Incorporated) Hidden

ptsunset (HKLM\...\{014ED72C-2BF4-4501-8046-91CC1E4C8427}) (Version: 1.0.0 - FileSubmit)

QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

RuneScape Launcher 1.2.3 (HKLM\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)

SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)

Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1008 - SUPERAntiSpyware.com)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden

VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden

Video-for-PC-1.2 (HKLM\...\Video-for-PC-1.2) (Version: 1.34.2.13 - fun-games) <==== ATTENTION

Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.63.0 - Verizon)

Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Mobile Device Updater Component (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4040.0 - Microsoft Corporation)

WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

Zune (HKLM\...\Zune) (Version: 04.07.1404.01 - Microsoft Corporation)

Zune (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

Zune Language Pack (DEU) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

Zune Language Pack (ESP) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

Zune Language Pack (FRA) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

Zune Language Pack (ITA) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

Zune Language Pack (NLD) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

Zune Language Pack (PTB) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

Zune Language Pack (PTG) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\RAC\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Justin\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Justin\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Justin\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\RAC\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Justin\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\RAC\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Justin\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{4cff1016-c2e2-4fdd-9c67-e32200c25ff9}\InprocServer32 -> C:\Program Files\Retrogamer_4w\bar\1.bin\4wSrcAs.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\RAC\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{8040829d-1177-46e2-9157-8282438b79c7}\InprocServer32 -> C:\Program Files\MyWebFace_5a\bar\1.bin\5aSrcAs.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Justin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Justin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Justin\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\RAC\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Justin\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-3272686857-3468428945-150708638-1001_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Justin\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File

 

==================== Restore Points  =========================

 

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2006-11-02 06:23 - 2013-08-24 21:00 - 00000815 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

::1             localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0288EFD3-FAAA-413D-8F19-F056E0510AFB} - System32\Tasks\Updater12759.exe => C:\Users\Justin\AppData\Local\Updater12759\Updater12759.exe <==== ATTENTION

Task: {09E03D82-E74F-434F-860D-3D6693261F29} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2

Task: {0A5AA21C-60E1-47BD-B56C-F59FA1D93586} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {18EFA3BE-3523-4D3B-A4FE-F20687D21791} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\system32\Macromed\Shockwave 10\SymInstallStub.exe

Task: {1A08D4B3-EFB0-4FB9-A28C-149E17CF4A2F} - System32\Tasks\APSnotifierCA => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: {1E1AA725-A2CC-4724-9777-3F55C1EBFACE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3272686857-3468428945-150708638-1000Core => C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-11] (Google Inc.)

Task: {3028434B-C831-4006-A274-F5BF798DF90F} - System32\Tasks\RealCreateProcessScheduledTask34024364S-1-5-21-3272686857-3468428945-150708638-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe

Task: {36EF75AC-2C32-4E02-B353-8DF1856612A6} - System32\Tasks\RealCreateProcessScheduledTask40639758S-1-5-21-3272686857-3468428945-150708638-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe

Task: {3B969330-CC1C-4F74-BEAA-FFD868D6312B} - System32\Tasks\RealCreateProcessScheduledTask100634716S-1-5-21-3272686857-3468428945-150708638-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe

Task: {47325405-ABE9-4917-B76F-1E0A93067053} - System32\Tasks\Video-for-PC-1.2-firefoxinstaller => C:\Program Files\Video-for-PC-1.2\Video-for-PC-1.2-firefoxinstaller.exe

Task: {4CAB09B0-E482-426B-8EA2-F333B618AF02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-08] (Google Inc.)

Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()

Task: {625C8434-B932-4FFD-A59B-EF65B56954D8} - System32\Tasks\RealCreateProcessScheduledTask115686301S-1-5-21-3272686857-3468428945-150708638-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe

Task: {62A03219-1614-4322-B38D-BEDC0C3DF53C} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe

Task: {67C208BA-D071-472D-8AB5-732A470873E5} - System32\Tasks\PC Optimizer Pro Updates => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

Task: {67ED619B-F427-4B70-8966-4E64DF41EC39} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3272686857-3468428945-150708638-1000UA => C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-11] (Google Inc.)

Task: {6D92D913-9D89-40C4-BA60-254327F3E534} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1

Task: {74214678-3BDD-4F3E-85FF-81BD0FA83C13} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - RAC) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

Task: {7C5A51E8-1AD7-48C6-8879-257A8A9609F5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {7E1F829B-2CFC-4979-AABB-5F5A19016390} - System32\Tasks\Video-for-PC-1.2-chromeinstaller => C:\Program Files\Video-for-PC-1.2\Video-for-PC-1.2-chromeinstaller.exe

Task: {7E3AEE39-099B-4B86-A5BA-9FB0CE9BC11A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-08] (Google Inc.)

Task: {83A5D8B2-5670-4A6D-BF3B-2802205A048C} - System32\Tasks\DriverUpdate Startup => C:\Program Files\DriverUpdate\DriverUpdate.exe [2014-01-15] (SlimWare Utilities, Inc.)

Task: {886D3A41-E308-49D8-A445-C86FA0C93BFF} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {90686B1D-539A-4747-A341-683473876DEC} - System32\Tasks\RealCreateProcessScheduledTask109676315S-1-5-21-3272686857-3468428945-150708638-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe

Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)

Task: {A8DEBF96-39F7-43B4-AFE7-8D08AA1B64DE} - System32\Tasks\DealPly => C:\Users\Justin\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: {AB35194F-F0B3-4CA3-95DA-C98648299028} - System32\Tasks\IHUninstallTrackingTASK => CMD

Task: {B43CDE02-070E-470D-AAF6-427078D39CAF} - System32\Tasks\0 => Iexplore.exe 

Task: {B7E0A8F8-8F24-4C9D-9450-66887665A46B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

Task: {B9B5DDF0-5F89-4CF6-BE65-26076AE80E1D} - System32\Tasks\Video-for-PC-1.2-updater => C:\Program Files\Video-for-PC-1.2\Video-for-PC-1.2-updater.exe

Task: {C0709C02-2EA9-43C5-8486-B7380276E7E0} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {C8B0C511-2154-43CF-94C9-54BDE58FBECB} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe

Task: {CD8BD98A-844D-45B2-AC4F-6D6F8F34E342} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe [2013-06-13] (Lavasoft Limited)

Task: {D1B910E1-2CCC-4375-AD0E-348CF2DEF01C} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3

Task: {D94DDDA0-6BC8-44EB-8D50-8AE8862B380D} - System32\Tasks\PCConfidential => C:\Program Files\Winferno\PC Confidential\PCConfidential.exe

Task: {DB815165-23F1-406E-9C49-FC55B941815A} - System32\Tasks\Video-for-PC-1.2-enabler => C:\Program Files\Video-for-PC-1.2\Video-for-PC-1.2-enabler.exe

Task: {DDF16DB7-B248-4FEF-B94E-54C7973D7510} - System32\Tasks\RealCreateProcessScheduledTask85528827S-1-5-21-3272686857-3468428945-150708638-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe

Task: {E32B7C9C-BE22-4669-B916-1E4D1F6CAA9F} - System32\Tasks\Video-for-PC-1.2-codedownloader => C:\Program Files\Video-for-PC-1.2\Video-for-PC-1.2-codedownloader.exe

Task: {EB49832C-47E7-4F2E-A909-5597845A8710} - System32\Tasks\PC Optimizer Pro startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

Task: {EDB3C153-5414-47BA-BBDA-1354088CEE2F} - System32\Tasks\4395 => Wscript.exe C:\Users\RAC\AppData\Local\Temp\launchie.vbs //B

Task: {F2A571B3-F207-4AE7-8C36-F30AEE30C9D5} - System32\Tasks\RealCreateProcessScheduledTask99432884S-1-5-21-3272686857-3468428945-150708638-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe

Task: {FCCD7C24-FA3B-4B74-BDBD-35BB6E650ABF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-06] (Adobe Systems Incorporated)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\APSnotifierCA.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\Windows\Tasks\CandyUpdater.job => C:\Users\RAC\AppData\Local\ArcadeCandy\candyUpdater.exe

Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe

Task: C:\Windows\Tasks\DriverUpdate Startup.job => C:\Program Files\DriverUpdate\DriverUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272686857-3468428945-150708638-1000Core.job => C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272686857-3468428945-150708638-1000UA.job => C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\PC Optimizer Pro startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

Task: C:\Windows\Tasks\PC Optimizer Pro Updates.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

Task: C:\Windows\Tasks\PCConfidential.job => C:\Program Files\Winferno\PC Confidential\PCConfidential.exe

Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe

Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - RAC).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

Task: C:\Windows\Tasks\User_Feed_Synchronization-{B1CE7117-A96E-4E1E-B62F-5A61453D78B3}.job => C:\Windows\system32\msfeedssync.exe

Task: C:\Windows\Tasks\Video-for-PC-1.2-chromeinstaller.job => C:\Program Files\Video-for-PC-1.2\Video-for-PC-1.2-chromeinstaller.exe <==== ATTENTION

Task: C:\Windows\Tasks\Video-for-PC-1.2-codedownloader.job => C:\Program Files\Video-for-PC-1.2\Video-for-PC-1.2-codedownloader.exe <==== ATTENTION

Task: C:\Windows\Tasks\Video-for-PC-1.2-enabler.job => C:\Program Files\Video-for-PC-1.2\Video-for-PC-1.2-enabler.exe <==== ATTENTION

Task: C:\Windows\Tasks\Video-for-PC-1.2-firefoxinstaller.job => C:\Program Files\Video-for-PC-1.2\Video-for-PC-1.2-firefoxinstaller.exe <==== ATTENTION

Task: C:\Windows\Tasks\Video-for-PC-1.2-updater.job => C:\Program Files\Video-for-PC-1.2\Video-for-PC-1.2-updater.exe <==== ATTENTION

 

==================== Loaded Modules (whitelisted) =============

 

2012-01-01 15:36 - 2007-08-21 14:32 - 00098304 _____ () C:\Windows\System32\redmonnt.dll

2011-05-10 09:21 - 2007-02-20 12:27 - 00102400 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\dlbapp5c.dll

2011-06-22 13:12 - 2009-08-19 14:10 - 00147968 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\lxdxdrpp.dll

2009-06-17 13:49 - 2009-06-17 13:49 - 00616408 _____ () C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe

2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2014-08-02 01:06 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2014-08-02 01:06 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl

2014-08-02 01:06 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2014-08-02 01:06 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll

2014-08-02 01:06 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2011-06-14 17:06 - 2011-05-28 22:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll

2011-06-22 13:12 - 2008-03-20 02:25 - 00668328 _____ () C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe

2011-06-22 13:12 - 2008-03-20 01:24 - 00380928 _____ () C:\Program Files\Lexmark 3600-4600 Series\lxdxscw.dll

2011-06-22 13:12 - 2008-03-20 01:17 - 00589824 _____ () C:\Program Files\Lexmark 3600-4600 Series\lxdxdatr.dll

2011-06-22 13:12 - 2008-03-20 01:24 - 00782336 _____ () C:\Program Files\Lexmark 3600-4600 Series\lxdxDRS.dll

2011-06-22 13:12 - 2008-03-20 01:24 - 00081920 _____ () C:\Program Files\Lexmark 3600-4600 Series\lxdxcaps.dll

2011-06-22 13:12 - 2008-03-20 01:17 - 00069632 _____ () C:\Program Files\Lexmark 3600-4600 Series\lxdxcnv4.dll

2011-06-22 13:11 - 2008-03-20 01:23 - 00364544 _____ () C:\Program Files\Lexmark 3600-4600 Series\iptk.dll

2011-06-22 13:12 - 2007-09-06 14:11 - 00151552 _____ () C:\Program Files\Lexmark 3600-4600 Series\lxdxptp.dll

2014-08-13 03:41 - 2014-08-13 03:41 - 00284160 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\d63d18ef3b08f14ce66d39ebb9e92c1c\VistaBridgeLibrary.ni.dll

2013-06-25 11:53 - 2014-06-20 06:08 - 00192376 _____ () C:\Program Files\Ad-Aware Antivirus\Definitions\libBase64.dll

2013-06-25 11:53 - 2014-06-20 06:08 - 00180088 _____ () C:\Program Files\Ad-Aware Antivirus\Definitions\libMachoUniv.dll

2014-08-13 01:33 - 2014-08-06 23:20 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll

2014-08-13 01:33 - 2014-08-06 23:20 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll

2014-08-13 01:33 - 2014-08-06 23:20 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

2014-08-13 01:33 - 2014-08-06 23:20 - 14669128 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\ProgramData\TEMP:26566B27

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

==================== Faulty Device Manager Devices =============

 

Name: Xbox 360

Description: Xbox 360

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/19/2014 03:00:49 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: Failed to create restore point on volume (Process = C:\Windows\system32\svchost.exe -k netsvcs; Descripton = Windows Update; Hr = 0x800423f4).

 

Error: (08/19/2014 03:00:48 AM) (Source: SPP) (EventID: 16387) (User: )

Description: Shadow copy creation failed because of error reported by ASR Writer.

 

More info: The parameter is incorrect. (0x80070057).

 

Error: (08/19/2014 00:30:30 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

 

Error: (08/19/2014 00:30:24 AM) (Source: Perflib) (EventID: 1010) (User: )

Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

 

Error: (08/18/2014 03:00:44 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: Failed to create restore point on volume (Process = C:\Windows\system32\svchost.exe -k netsvcs; Descripton = Windows Update; Hr = 0x800423f4).

 

Error: (08/18/2014 03:00:44 AM) (Source: SPP) (EventID: 16387) (User: )

Description: Shadow copy creation failed because of error reported by ASR Writer.

 

More info: The parameter is incorrect. (0x80070057).

 

Error: (08/17/2014 08:19:38 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

 

Error: (08/17/2014 08:19:35 PM) (Source: Perflib) (EventID: 1010) (User: )

Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

 

Error: (08/17/2014 04:21:49 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)

Description: Chrome has encountered a fatal error.

ver=36.0.1985.143;lang=;guid=EBFCC2423B76463DAC2A036813AB76A5;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\f0c38aa1-9722-4e37-8ba6-5563b04dbc7a.dmp

 

Error: (08/17/2014 03:00:46 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: Failed to create restore point on volume (Process = C:\Windows\system32\svchost.exe -k netsvcs; Descripton = Windows Update; Hr = 0x800423f4).

 

 

System errors:

=============

Error: (08/19/2014 03:02:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: 0x80070643Security Update for Windows Vista (KB2859537){992E6C42-7B83-4B97-8A93-F05D0859B149}201

 

Error: (08/18/2014 08:46:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: IPsec Policy Agent23000001Restart the service

 

Error: (08/18/2014 08:46:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Terminal Services2600001Restart the service

 

Error: (08/18/2014 08:46:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Telephony23000001Restart the service

 

Error: (08/18/2014 08:46:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Network Location Awareness21001Restart the service

 

Error: (08/18/2014 08:46:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: KtmRm for Distributed Transaction Coordinator2110001Restart the service

 

Error: (08/18/2014 08:46:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: DNS Client23000001Restart the service

 

Error: (08/18/2014 08:46:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Cryptographic Services2

 

Error: (08/18/2014 08:36:39 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

 

Error: (08/18/2014 08:35:48 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: 1Restart the serviceCryptographic Services%%1056

 

 

Microsoft Office Sessions:

=========================

Error: (08/19/2014 03:00:49 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x800423f4

 

Error: (08/19/2014 03:00:48 AM) (Source: SPP) (EventID: 16387) (User: )

Description: ASR WriterThe parameter is incorrect. (0x80070057)

 

Error: (08/19/2014 00:30:30 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

 

Error: (08/19/2014 00:30:24 AM) (Source: Perflib) (EventID: 1010) (User: )

Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

 

Error: (08/18/2014 03:00:44 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x800423f4

 

Error: (08/18/2014 03:00:44 AM) (Source: SPP) (EventID: 16387) (User: )

Description: ASR WriterThe parameter is incorrect. (0x80070057)

 

Error: (08/17/2014 08:19:38 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

 

Error: (08/17/2014 08:19:35 PM) (Source: Perflib) (EventID: 1010) (User: )

Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

 

Error: (08/17/2014 04:21:49 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)

Description: Chrome has encountered a fatal error.

ver=36.0.1985.143;lang=;guid=EBFCC2423B76463DAC2A036813AB76A5;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\f0c38aa1-9722-4e37-8ba6-5563b04dbc7a.dmp

 

Error: (08/17/2014 03:00:46 AM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x800423f4

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-08-19 04:54:14.901

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-19 04:54:14.360

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-19 04:54:13.858

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-19 04:54:13.360

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-19 04:54:12.596

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-19 04:54:12.113

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-19 04:54:11.622

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-19 04:54:11.050

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-15 02:36:22.562

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-15 02:36:21.279

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Pentium® Dual CPU E2200 @ 2.20GHz

Percentage of memory in use: 60%

Total physical RAM: 2036.45 MB

Available physical RAM: 802.43 MB

Total Pagefile: 5493.16 MB

Available Pagefile: 3421.69 MB

Total Virtual: 2047.88 MB

Available Virtual: 1893.17 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:222.78 GB) (Free:20.78 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:3.5 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.8 GB) (Disk ID: 40000000)

Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)

Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

Partition 3: (Active) - (Size=222.8 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Link to post
Share on other sites

05:05:35.0616 0x045c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58

05:05:40.0543 0x045c  ============================================================

05:05:40.0543 0x045c  Current date / time: 2014/08/19 05:05:40.0543

05:05:40.0543 0x045c  SystemInfo:

05:05:40.0543 0x045c  

05:05:40.0543 0x045c  OS Version: 6.0.6002 ServicePack: 2.0

05:05:40.0543 0x045c  Product type: Workstation

05:05:40.0543 0x045c  ComputerName: HOME

05:05:40.0544 0x045c  UserName: Justin

05:05:40.0544 0x045c  Windows directory: C:\Windows

05:05:40.0544 0x045c  System windows directory: C:\Windows

05:05:40.0544 0x045c  Processor architecture: Intel x86

05:05:40.0544 0x045c  Number of processors: 2

05:05:40.0544 0x045c  Page size: 0x1000

05:05:40.0544 0x045c  Boot type: Normal boot

05:05:40.0544 0x045c  ============================================================

05:05:43.0221 0x045c  KLMD registered as C:\Windows\system32\drivers\47098764.sys

05:05:44.0190 0x045c  System UUID: {86CB5289-63D9-E22B-225C-B938C6F5F6E6}

05:05:46.0681 0x045c  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 ( 232.83 Gb ), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

05:05:46.0737 0x045c  ============================================================

05:05:46.0737 0x045c  \Device\Harddisk0\DR0:

05:05:46.0737 0x045c  MBR partitions:

05:05:46.0737 0x045c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000

05:05:46.0737 0x045c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x1BD8D000

05:05:46.0737 0x045c  ============================================================

05:05:46.0765 0x045c  C: <-> \Device\Harddisk0\DR0\Partition2

05:05:46.0796 0x045c  D: <-> \Device\Harddisk0\DR0\Partition1

05:05:46.0797 0x045c  ============================================================

05:05:46.0797 0x045c  Initialize success

05:05:46.0797 0x045c  ============================================================

05:05:59.0269 0x1458  ============================================================

05:05:59.0269 0x1458  Scan started

05:05:59.0269 0x1458  Mode: Manual; 

05:05:59.0269 0x1458  ============================================================

05:05:59.0269 0x1458  KSN ping started

05:06:15.0207 0x1458  KSN ping finished: true

05:06:16.0781 0x1458  ================ Scan system memory ========================

05:06:16.0781 0x1458  System memory - ok

05:06:16.0784 0x1458  ================ Scan services =============================

05:06:16.0900 0x1458  [ 01E81C84AD1D0ACC61CF3CFD06632210, 1140756BA2F28CA8DFCFF8FD223654E6A78BA1B770A169CC557ECE0E01381B17 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

05:06:16.0903 0x1458  !SASCORE - ok

05:06:17.0309 0x1458  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys

05:06:17.0318 0x1458  ACPI - ok

05:06:17.0470 0x1458  [ AE1671A3C798A3467DE5E7DD12179803, 102DCD7552F27AB8B55C61601208705538F60AFDB81F8C3D0A82F575DDCF808A ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

05:06:17.0545 0x1458  Ad-Aware Service - ok

05:06:17.0748 0x1458  [ 835CE0647E4E9F01BEB26201DA6705B4, C90CBED7E066ECE2F380CE84B95EAD0E120C02720DB31483BDF0E7EDF7FB4EE1 ] AdobeActiveFileMonitor11.0 C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe

05:06:17.0757 0x1458  AdobeActiveFileMonitor11.0 - ok

05:06:17.0849 0x1458  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

05:06:17.0857 0x1458  AdobeFlashPlayerUpdateSvc - ok

05:06:17.0918 0x1458  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

05:06:17.0930 0x1458  adp94xx - ok

05:06:17.0990 0x1458  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys

05:06:18.0034 0x1458  adpahci - ok

05:06:18.0061 0x1458  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys

05:06:18.0065 0x1458  adpu160m - ok

05:06:18.0085 0x1458  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

05:06:18.0090 0x1458  adpu320 - ok

05:06:18.0157 0x1458  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

05:06:18.0158 0x1458  AeLookupSvc - ok

05:06:18.0243 0x1458  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys

05:06:18.0251 0x1458  AFD - ok

05:06:18.0294 0x1458  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys

05:06:18.0296 0x1458  agp440 - ok

05:06:18.0313 0x1458  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys

05:06:18.0316 0x1458  aic78xx - ok

05:06:18.0331 0x1458  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe

05:06:18.0333 0x1458  ALG - ok

05:06:18.0366 0x1458  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys

05:06:18.0367 0x1458  aliide - ok

05:06:18.0380 0x1458  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys

05:06:18.0383 0x1458  amdagp - ok

05:06:18.0389 0x1458  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys

05:06:18.0390 0x1458  amdide - ok

05:06:18.0402 0x1458  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys

05:06:18.0404 0x1458  AmdK7 - ok

05:06:18.0419 0x1458  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

05:06:18.0421 0x1458  AmdK8 - ok

05:06:18.0524 0x1458  [ F9DAC844B1D370DA4C984D4C22F5E696, 753B08E4D4CC09C91C16394F6A420E6DA033D41FDE510A41F900C1CED0E6B946 ] AntiSpywareService C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe

05:06:18.0541 0x1458  AntiSpywareService - ok

05:06:18.0621 0x1458  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll

05:06:18.0623 0x1458  Appinfo - ok

05:06:18.0752 0x1458  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

05:06:18.0755 0x1458  Apple Mobile Device - ok

05:06:18.0814 0x1458  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys

05:06:18.0817 0x1458  arc - ok

05:06:18.0879 0x1458  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys

05:06:18.0882 0x1458  arcsas - ok

05:06:19.0000 0x1458  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

05:06:19.0026 0x1458  aspnet_state - ok

05:06:19.0061 0x1458  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

05:06:19.0063 0x1458  AsyncMac - ok

05:06:19.0096 0x1458  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys

05:06:19.0097 0x1458  atapi - ok

05:06:19.0171 0x1458  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

05:06:19.0181 0x1458  AudioEndpointBuilder - ok

05:06:19.0196 0x1458  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll

05:06:19.0205 0x1458  Audiosrv - ok

05:06:19.0328 0x1458  [ 21C2F3000A7233E517D7AB62F97BF509, 07169A2512D616E4AE7FE0F6B66D2B84D526F6022985871CC29E9F53FDCFCB6D ] Avgdiskx        C:\Windows\system32\DRIVERS\avgdiskx.sys

05:06:19.0336 0x1458  Avgdiskx - ok

05:06:19.0618 0x1458  [ 76AB36635951D8C96B485C9F8DCE7DE1, 1F57E2D85A0E766F79DCAC2CD2BBCBFDFBF88982CC01C2399255218B3DE18164 ] AVGIDSAgent     C:\Program Files\AVG\AVG2014\avgidsagent.exe

05:06:19.0700 0x1458  AVGIDSAgent - ok

05:06:19.0754 0x1458  [ 572AA32C47BDFD17D3F7411503215D1B, 62E2F46A4E45CE44B4DF8F898FF7CFE75B69B349F3C91959D353BBEC0F4DC83D ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys

05:06:19.0758 0x1458  AVGIDSDriver - ok

05:06:19.0806 0x1458  [ C0701A3C53F0A0F5E4900F26365A10A1, 2755AF8C98F4855FD467F0174D6AE7AC3E7050D95008FE521918194593684D51 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys

05:06:19.0811 0x1458  AVGIDSHX - ok

05:06:19.0852 0x1458  [ E7FEE532CEF01C97D7682E35D156244F, CF54B4B83E1A060FF52BDEAC4E20492ACFAABC87BC6BE784D6AB4CD64C965B92 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys

05:06:19.0853 0x1458  AVGIDSShim - ok

05:06:19.0870 0x1458  [ FA868D5784DE755DD8A1B4B1A80574E4, 9300B4ACBDA96FA4FEE9265ED0E50F750C2B6F7BE854953B8FB73904679DBCA3 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys

05:06:19.0876 0x1458  Avgldx86 - ok

05:06:19.0903 0x1458  [ 8D37558421330218C98722DF4AD85E83, 24C33B317BA605DFC9B9CE2868391A815870A61F58A172806533A16F29F92B0A ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys

05:06:19.0912 0x1458  Avglogx - ok

05:06:19.0937 0x1458  [ 5C3A4A2F473E614C1BF807FE2ABE0D05, 71E786EA1DCBC6ECB915E887B19C86E041C8E4373DAB28548D344323FD9D6CD2 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys

05:06:19.0940 0x1458  Avgmfx86 - ok

05:06:19.0964 0x1458  [ 86FCB8CE3E68C4777B98F7AF06FE8519, 6B7507DA927ECDBA8B2DAA87530DDAEAC5B0983D3CF11D1F6D00D36601FBC60C ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys

05:06:19.0966 0x1458  Avgrkx86 - ok

05:06:19.0992 0x1458  [ ACFEE559442E1FCD48EC74C7D3452608, 536E36CD59BB1E0F5732D8BF57208A07C88A51D02FA016F844648CA0B44F0073 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys

05:06:20.0011 0x1458  Avgtdix - ok

05:06:20.0089 0x1458  [ 5A63285CC0D3323D720E0C518FE74CA3, D990A75CC5FAC5B68DA8515A519D2B5F6312E546E31D54E36CB98271C1B308F3 ] avgwd           C:\Program Files\AVG\AVG2014\avgwdsvc.exe

05:06:20.0098 0x1458  avgwd - ok

05:06:20.0153 0x1458  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys

05:06:20.0154 0x1458  Beep - ok

05:06:20.0235 0x1458  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll

05:06:20.0247 0x1458  BFE - ok

05:06:20.0345 0x1458  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll

05:06:20.0393 0x1458  BITS - ok

05:06:20.0413 0x1458  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys

05:06:20.0415 0x1458  blbdrive - ok

05:06:20.0481 0x1458  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

05:06:20.0483 0x1458  bowser - ok

05:06:20.0530 0x1458  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys

05:06:20.0532 0x1458  BrFiltLo - ok

05:06:20.0573 0x1458  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys

05:06:20.0574 0x1458  BrFiltUp - ok

05:06:20.0600 0x1458  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll

05:06:20.0603 0x1458  Browser - ok

05:06:20.0654 0x1458  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys

05:06:20.0657 0x1458  Brserid - ok

05:06:20.0672 0x1458  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys

05:06:20.0674 0x1458  BrSerWdm - ok

05:06:20.0683 0x1458  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys

05:06:20.0684 0x1458  BrUsbMdm - ok

05:06:20.0697 0x1458  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys

05:06:20.0699 0x1458  BrUsbSer - ok

05:06:20.0868 0x1458  [ C0D87C561E4702B63AFE7668D2079994, 888F98E8E9AF91BBA35393877F5A0CD084B08FFE4A7689CA106FC31B42AB8E83 ] BstHdAndroidSvc C:\Program Files\BlueStacks\HD-Service.exe

05:06:20.0883 0x1458  BstHdAndroidSvc - ok

05:06:20.0935 0x1458  [ A0D7D374312F78F40EF99EFEE9539865, 51328D0B8C00F8CF47B8994F602DD88A04257A2E91962337ED000BAF4F2F4B33 ] BstHdDrv        C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys

05:06:20.0940 0x1458  BstHdDrv - ok

05:06:20.0994 0x1458  [ 37ADBBBFA0D2765299FC2A51CD12BA54, 0EAAE23F17DBD3AEE7EC365E612883961B0F63F5F621CA4DA5DA392D8C47C711 ] BstHdLogRotatorSvc C:\Program Files\BlueStacks\HD-LogRotatorService.exe

05:06:21.0011 0x1458  BstHdLogRotatorSvc - ok

05:06:21.0062 0x1458  [ 22A7547B254E221F5A0E44E42D682B93, D974334AABFF0F3957ABDDC539B609BC27FEC9564E8ACDC92EFFBE67232D3C92 ] BstHdUpdaterSvc C:\Program Files\BlueStacks\HD-UpdaterService.exe

05:06:21.0089 0x1458  BstHdUpdaterSvc - ok

05:06:21.0162 0x1458  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

05:06:21.0165 0x1458  BTHMODEM - ok

05:06:21.0239 0x1458  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

05:06:21.0243 0x1458  cdfs - ok

05:06:21.0259 0x1458  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

05:06:21.0264 0x1458  cdrom - ok

05:06:21.0330 0x1458  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll

05:06:21.0333 0x1458  CertPropSvc - ok

05:06:21.0352 0x1458  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys

05:06:21.0354 0x1458  circlass - ok

05:06:21.0408 0x1458  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys

05:06:21.0425 0x1458  CLFS - ok

05:06:21.0481 0x1458  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

05:06:21.0485 0x1458  clr_optimization_v2.0.50727_32 - ok

05:06:21.0548 0x1458  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

05:06:21.0763 0x1458  clr_optimization_v4.0.30319_32 - ok

05:06:21.0790 0x1458  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys

05:06:21.0791 0x1458  cmdide - ok

05:06:21.0823 0x1458  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

05:06:21.0825 0x1458  Compbatt - ok

05:06:21.0852 0x1458  COMSysApp - ok

05:06:21.0883 0x1458  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

05:06:21.0885 0x1458  crcdisk - ok

05:06:21.0902 0x1458  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys

05:06:21.0905 0x1458  Crusoe - ok

05:06:21.0977 0x1458  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

05:06:21.0984 0x1458  CryptSvc - ok

05:06:22.0058 0x1458  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll

05:06:22.0086 0x1458  DcomLaunch - ok

05:06:22.0242 0x1458  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe

05:06:22.0332 0x1458  DFSR - ok

05:06:22.0421 0x1458  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll

05:06:22.0434 0x1458  Dhcp - ok

05:06:22.0506 0x1458  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys

05:06:22.0509 0x1458  disk - ok

05:06:22.0534 0x1458  dlba_device - ok

05:06:22.0592 0x1458  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll

05:06:22.0598 0x1458  Dnscache - ok

05:06:22.0642 0x1458  [ 13511564CAC5A005255765E322C16967, BC4A5E7F975BC8C0E1746B13B3D9163C5E020AD458484424876B7F00EDC8ADEE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe

05:06:22.0650 0x1458  DockLoginService - ok

05:06:22.0707 0x1458  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll

05:06:22.0716 0x1458  dot3svc - ok

05:06:22.0748 0x1458  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll

05:06:22.0755 0x1458  DPS - ok

05:06:22.0813 0x1458  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

05:06:22.0815 0x1458  drmkaud - ok

05:06:22.0897 0x1458  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

05:06:22.0925 0x1458  DXGKrnl - ok

05:06:22.0984 0x1458  [ 04944F4FC4F0477185F5D26AE0DDB90E, 2D67A90905871A26FA227AF0B31F7A0026E100E3253BF3B6791F593E56619F9E ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys

05:06:22.0995 0x1458  e1express - ok

05:06:23.0055 0x1458  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys

05:06:23.0061 0x1458  E1G60 - ok

05:06:23.0103 0x1458  EagleXNt - ok

05:06:23.0144 0x1458  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll

05:06:23.0148 0x1458  EapHost - ok

05:06:23.0219 0x1458  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys

05:06:23.0226 0x1458  Ecache - ok

05:06:23.0307 0x1458  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

05:06:23.0322 0x1458  elxstor - ok

05:06:23.0386 0x1458  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll

05:06:23.0419 0x1458  EMDMgmt - ok

05:06:23.0465 0x1458  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys

05:06:23.0467 0x1458  ErrDev - ok

05:06:23.0552 0x1458  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll

05:06:23.0566 0x1458  EventSystem - ok

05:06:23.0638 0x1458  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys

05:06:23.0644 0x1458  exfat - ok

05:06:23.0701 0x1458  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

05:06:23.0708 0x1458  fastfat - ok

05:06:23.0743 0x1458  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

05:06:23.0745 0x1458  fdc - ok

05:06:23.0777 0x1458  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll

05:06:23.0780 0x1458  fdPHost - ok

05:06:23.0798 0x1458  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll

05:06:23.0801 0x1458  FDResPub - ok

05:06:23.0861 0x1458  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

05:06:23.0886 0x1458  FileInfo - ok

05:06:23.0916 0x1458  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

05:06:23.0918 0x1458  Filetrace - ok

05:06:23.0936 0x1458  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

05:06:23.0938 0x1458  flpydisk - ok

05:06:24.0009 0x1458  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

05:06:24.0029 0x1458  FltMgr - ok

05:06:24.0144 0x1458  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll

05:06:24.0180 0x1458  FontCache - ok

05:06:24.0230 0x1458  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

05:06:24.0232 0x1458  FontCache3.0.0.0 - ok

05:06:24.0298 0x1458  [ D909075FA72C090F27AA926C32CB4612, F8610C20C4DD499D5B4ACEBD7107E52E25B6449AEED58D1A203F7D654B55C4DF ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys

05:06:24.0301 0x1458  fssfltr - ok

05:06:24.0440 0x1458  [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe

05:06:24.0508 0x1458  fsssvc - ok

05:06:24.0546 0x1458  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

05:06:24.0548 0x1458  Fs_Rec - ok

05:06:24.0579 0x1458  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

05:06:24.0583 0x1458  gagp30kx - ok

05:06:24.0646 0x1458  [ 483924F92E55A5F9423201EC635E2CED, FEDAC3616709F081A0FA48E2BF521CBCC35E11E523EBADDEACA7308AD14338B3 ] gfibto          C:\Windows\system32\drivers\gfibto.sys

05:06:24.0648 0x1458  gfibto - ok

05:06:24.0704 0x1458  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll

05:06:24.0735 0x1458  gpsvc - ok

05:06:24.0859 0x1458  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe

05:06:24.0865 0x1458  gupdate - ok

05:06:24.0888 0x1458  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe

05:06:24.0893 0x1458  gupdatem - ok

05:06:24.0947 0x1458  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

05:06:24.0958 0x1458  HdAudAddService - ok

05:06:25.0019 0x1458  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

05:06:25.0044 0x1458  HDAudBus - ok

05:06:25.0080 0x1458  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys

05:06:25.0083 0x1458  HidBth - ok

05:06:25.0100 0x1458  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys

05:06:25.0102 0x1458  HidIr - ok

05:06:25.0131 0x1458  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll

05:06:25.0135 0x1458  hidserv - ok

05:06:25.0172 0x1458  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

05:06:25.0174 0x1458  HidUsb - ok

05:06:25.0211 0x1458  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll

05:06:25.0217 0x1458  hkmsvc - ok

05:06:25.0235 0x1458  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys

05:06:25.0238 0x1458  HpCISSs - ok

05:06:25.0339 0x1458  [ 99F85640054BA65190B860D878A7C9AE, CE87323FFA4A74EA721A5E7CA6F233C54F21C2C1C6BF7DE84049CE7CEB0741AE ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys

05:06:25.0381 0x1458  HSF_DPV - ok

05:06:25.0422 0x1458  [ FE440536BD98AF772130DC3A6FE1915F, F890A4336E6BC11A5D0A7D49CFD0626FFC2131E81260AE3E2501BCD29434C131 ] HSXHWBS2        C:\Windows\system32\DRIVERS\HSXHWBS2.sys

05:06:25.0435 0x1458  HSXHWBS2 - ok

05:06:25.0479 0x1458  [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP            C:\Windows\system32\drivers\HTTP.sys

05:06:25.0497 0x1458  HTTP - ok

05:06:25.0514 0x1458  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys

05:06:25.0517 0x1458  i2omp - ok

05:06:25.0574 0x1458  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

05:06:25.0600 0x1458  i8042prt - ok

05:06:25.0649 0x1458  [ 997E8F5939F2D12CD9F2E6B395724C16, C22F10BADE29DA6F7EB79D9F5D81D9FBEC17D4D4F8B25E0AF4E5CEAE28E8ABF6 ] iaStor          C:\Windows\system32\drivers\iastor.sys

05:06:25.0663 0x1458  iaStor - ok

05:06:25.0695 0x1458  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys

05:06:25.0705 0x1458  iaStorV - ok

05:06:25.0799 0x1458  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

05:06:25.0839 0x1458  idsvc - ok

05:06:25.0978 0x1458  [ C134E69CE901422D1F2D7EA8D69098FE, 38D7AB6C85C0BCE34B8F52DDBD6F0371DF551003DF6BAE20A2AB1D1349128890 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys

05:06:26.0063 0x1458  igfx - ok

05:06:26.0192 0x1458  [ E026158F3FC752D99E5ACF6B24BAAAC3, 27BEEB20A8EF59D987B0478C1BA805063ADC266AB5BA0993700E4A89F0B6561E ] IHA_MessageCenter C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

05:06:26.0208 0x1458  IHA_MessageCenter - ok

05:06:26.0239 0x1458  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys

05:06:26.0242 0x1458  iirsp - ok

05:06:26.0338 0x1458  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll

05:06:26.0444 0x1458  IKEEXT - ok

05:06:26.0478 0x1458  IntcAzAudAddService - ok

05:06:26.0518 0x1458  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\DRIVERS\intelide.sys

05:06:26.0520 0x1458  intelide - ok

05:06:26.0582 0x1458  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

05:06:26.0585 0x1458  intelppm - ok

05:06:26.0615 0x1458  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

05:06:26.0621 0x1458  IPBusEnum - ok

05:06:26.0638 0x1458  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

05:06:26.0641 0x1458  IpFilterDriver - ok

05:06:26.0684 0x1458  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] IpHlpSvc        C:\Windows\System32\iphlpsvc.dll

05:06:26.0696 0x1458  IpHlpSvc - ok

05:06:26.0704 0x1458  IpInIp - ok

05:06:26.0741 0x1458  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys

05:06:26.0751 0x1458  IPMIDRV - ok

05:06:26.0778 0x1458  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys

05:06:26.0783 0x1458  IPNAT - ok

05:06:26.0888 0x1458  [ E8A39D41474BE42FD8830CED32932D6C, 66D59E61E46253D06A4811CE2101C0AD4EEFE25C676548BBB1B0D056A20B5DC6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

05:06:26.0912 0x1458  iPod Service - ok

05:06:26.0930 0x1458  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

05:06:26.0931 0x1458  IRENUM - ok

05:06:26.0945 0x1458  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

05:06:26.0948 0x1458  isapnp - ok

05:06:26.0984 0x1458  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

05:06:26.0992 0x1458  iScsiPrt - ok

05:06:27.0029 0x1458  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys

05:06:27.0032 0x1458  iteatapi - ok

05:06:27.0086 0x1458  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys

05:06:27.0088 0x1458  iteraid - ok

05:06:27.0107 0x1458  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

05:06:27.0110 0x1458  kbdclass - ok

05:06:27.0162 0x1458  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

05:06:27.0164 0x1458  kbdhid - ok

05:06:27.0194 0x1458  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe

05:06:27.0197 0x1458  KeyIso - ok

05:06:27.0250 0x1458  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

05:06:27.0266 0x1458  KSecDD - ok

05:06:27.0351 0x1458  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll

05:06:27.0366 0x1458  KtmRm - ok

05:06:27.0446 0x1458  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll

05:06:27.0456 0x1458  LanmanServer - ok

05:06:27.0524 0x1458  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

05:06:27.0535 0x1458  LanmanWorkstation - ok

05:06:27.0567 0x1458  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

05:06:27.0569 0x1458  lltdio - ok

05:06:27.0601 0x1458  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

05:06:27.0610 0x1458  lltdsvc - ok

05:06:27.0636 0x1458  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll

05:06:27.0640 0x1458  lmhosts - ok

05:06:27.0667 0x1458  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

05:06:27.0672 0x1458  LSI_FC - ok

05:06:27.0689 0x1458  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

05:06:27.0693 0x1458  LSI_SAS - ok

05:06:27.0740 0x1458  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

05:06:27.0745 0x1458  LSI_SCSI - ok

05:06:27.0766 0x1458  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys

05:06:27.0770 0x1458  luafv - ok

05:06:27.0836 0x1458  [ FE6975565F4C73C04FDD800B1C596E22, 1AF78FE146923F29661D40D7E7BC194BDD42017BAF7777C81A5E8E90B028A2FE ] lxdxCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe

05:06:27.0846 0x1458  lxdxCATSCustConnectService - ok

05:06:27.0858 0x1458  lxdx_device - ok

05:06:27.0886 0x1458  [ 0DB7527DB188C7D967A37BB51BBF3963, 3812E26626EC49BE61B0B8DA5FE6E838C0FEF8A08363C239F64E6CCA0BA949D5 ] MBAMSwissArmy   C:\Windows\system32\drivers\mbamswissarmy.sys

05:06:27.0888 0x1458  MBAMSwissArmy - ok

05:06:27.0949 0x1458  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys

05:06:27.0951 0x1458  mdmxsdk - ok

05:06:28.0001 0x1458  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys

05:06:28.0003 0x1458  megasas - ok

05:06:28.0092 0x1458  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys

05:06:28.0107 0x1458  MegaSR - ok

05:06:28.0136 0x1458  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll

05:06:28.0141 0x1458  MMCSS - ok

05:06:28.0156 0x1458  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys

05:06:28.0158 0x1458  Modem - ok

05:06:28.0210 0x1458  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

05:06:28.0213 0x1458  monitor - ok

05:06:28.0224 0x1458  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

05:06:28.0226 0x1458  mouclass - ok

05:06:28.0241 0x1458  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

05:06:28.0243 0x1458  mouhid - ok

05:06:28.0258 0x1458  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys

05:06:28.0261 0x1458  MountMgr - ok

05:06:28.0319 0x1458  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

05:06:28.0324 0x1458  MozillaMaintenance - ok

05:06:28.0365 0x1458  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys

05:06:28.0383 0x1458  mpio - ok

05:06:28.0430 0x1458  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

05:06:28.0433 0x1458  mpsdrv - ok

05:06:28.0512 0x1458  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll

05:06:28.0532 0x1458  MpsSvc - ok

05:06:28.0557 0x1458  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys

05:06:28.0558 0x1458  Mraid35x - ok

05:06:28.0630 0x1458  MREMP50 - ok

05:06:28.0633 0x1458  MREMPR5 - ok

05:06:28.0640 0x1458  MRENDIS5 - ok

05:06:28.0646 0x1458  MRESP50 - ok

05:06:28.0678 0x1458  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

05:06:28.0682 0x1458  MRxDAV - ok

05:06:28.0711 0x1458  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

05:06:28.0714 0x1458  mrxsmb - ok

05:06:28.0769 0x1458  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

05:06:28.0775 0x1458  mrxsmb10 - ok

05:06:28.0791 0x1458  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

05:06:28.0794 0x1458  mrxsmb20 - ok

05:06:28.0822 0x1458  [ F70590424EEFBF5C27A40C67AFDB8383, 1F2AC1DA12F7E6F09D8F6622EF1366ABD4B86EBE51DD1915E803D56A568A3412 ] msahci          C:\Windows\system32\drivers\msahci.sys

05:06:28.0824 0x1458  msahci - ok

05:06:28.0837 0x1458  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

05:06:28.0841 0x1458  msdsm - ok

05:06:28.0859 0x1458  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe

05:06:28.0864 0x1458  MSDTC - ok

05:06:28.0885 0x1458  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

05:06:28.0886 0x1458  Msfs - ok

05:06:28.0932 0x1458  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

05:06:28.0934 0x1458  msisadrv - ok

05:06:28.0955 0x1458  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

05:06:28.0961 0x1458  MSiSCSI - ok

05:06:28.0967 0x1458  msiserver - ok

05:06:28.0987 0x1458  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

05:06:28.0988 0x1458  MSKSSRV - ok

05:06:29.0059 0x1458  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

05:06:29.0060 0x1458  MSPCLOCK - ok

05:06:29.0067 0x1458  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

05:06:29.0068 0x1458  MSPQM - ok

05:06:29.0092 0x1458  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

05:06:29.0098 0x1458  MsRPC - ok

05:06:29.0113 0x1458  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

05:06:29.0115 0x1458  mssmbios - ok

05:06:29.0128 0x1458  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

05:06:29.0130 0x1458  MSTEE - ok

05:06:29.0149 0x1458  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys

05:06:29.0152 0x1458  Mup - ok

05:06:29.0181 0x1458  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll

05:06:29.0195 0x1458  napagent - ok

05:06:29.0228 0x1458  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

05:06:29.0233 0x1458  NativeWifiP - ok

05:06:29.0271 0x1458  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys

05:06:29.0290 0x1458  NDIS - ok

05:06:29.0308 0x1458  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

05:06:29.0309 0x1458  NdisTapi - ok

05:06:29.0322 0x1458  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

05:06:29.0324 0x1458  Ndisuio - ok

05:06:29.0355 0x1458  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

05:06:29.0370 0x1458  NdisWan - ok

05:06:29.0394 0x1458  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

05:06:29.0397 0x1458  NDProxy - ok

05:06:29.0446 0x1458  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

05:06:29.0449 0x1458  NetBIOS - ok

05:06:29.0472 0x1458  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys

05:06:29.0481 0x1458  netbt - ok

05:06:29.0491 0x1458  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe

05:06:29.0495 0x1458  Netlogon - ok

05:06:29.0536 0x1458  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll

05:06:29.0552 0x1458  Netman - ok

05:06:29.0623 0x1458  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

05:06:29.0651 0x1458  NetMsmqActivator - ok

05:06:29.0664 0x1458  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

05:06:29.0670 0x1458  NetPipeActivator - ok

05:06:29.0703 0x1458  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll

05:06:29.0713 0x1458  netprofm - ok

05:06:29.0746 0x1458  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

05:06:29.0751 0x1458  NetTcpActivator - ok

05:06:29.0779 0x1458  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing 

Link to post
Share on other sites

C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

05:06:29.0783 0x1458  NetTcpPortSharing - ok

05:06:29.0819 0x1458  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

05:06:29.0821 0x1458  nfrd960 - ok

05:06:29.0836 0x1458  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll

05:06:29.0843 0x1458  NlaSvc - ok

05:06:29.0861 0x1458  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

05:06:29.0864 0x1458  Npfs - ok

05:06:29.0875 0x1458  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll

05:06:29.0878 0x1458  nsi - ok

05:06:29.0889 0x1458  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

05:06:29.0891 0x1458  nsiproxy - ok

05:06:29.0954 0x1458  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

05:06:29.0985 0x1458  Ntfs - ok

05:06:30.0008 0x1458  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys

05:06:30.0010 0x1458  ntrigdigi - ok

05:06:30.0054 0x1458  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys

05:06:30.0055 0x1458  Null - ok

05:06:30.0076 0x1458  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys

05:06:30.0079 0x1458  nvraid - ok

05:06:30.0095 0x1458  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

05:06:30.0097 0x1458  nvstor - ok

05:06:30.0111 0x1458  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

05:06:30.0115 0x1458  nv_agp - ok

05:06:30.0121 0x1458  NwlnkFlt - ok

05:06:30.0128 0x1458  NwlnkFwd - ok

05:06:30.0181 0x1458  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

05:06:30.0183 0x1458  ohci1394 - ok

05:06:30.0235 0x1458  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll

05:06:30.0251 0x1458  p2pimsvc - ok

05:06:30.0277 0x1458  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll

05:06:30.0293 0x1458  p2psvc - ok

05:06:30.0310 0x1458  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys

05:06:30.0313 0x1458  Parport - ok

05:06:30.0340 0x1458  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys

05:06:30.0342 0x1458  partmgr - ok

05:06:30.0357 0x1458  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys

05:06:30.0359 0x1458  Parvdm - ok

05:06:30.0418 0x1458  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll

05:06:30.0422 0x1458  PcaSvc - ok

05:06:30.0457 0x1458  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys

05:06:30.0462 0x1458  pci - ok

05:06:30.0479 0x1458  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys

05:06:30.0480 0x1458  pciide - ok

05:06:30.0499 0x1458  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

05:06:30.0505 0x1458  pcmcia - ok

05:06:30.0591 0x1458  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

05:06:30.0615 0x1458  PEAUTH - ok

05:06:30.0755 0x1458  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll

05:06:30.0801 0x1458  pla - ok

05:06:30.0844 0x1458  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

05:06:30.0854 0x1458  PlugPlay - ok

05:06:30.0889 0x1458  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll

05:06:30.0906 0x1458  PNRPAutoReg - ok

05:06:30.0930 0x1458  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll

05:06:30.0946 0x1458  PNRPsvc - ok

05:06:30.0977 0x1458  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

05:06:30.0989 0x1458  PolicyAgent - ok

05:06:31.0034 0x1458  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

05:06:31.0037 0x1458  PptpMiniport - ok

05:06:31.0054 0x1458  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys

05:06:31.0056 0x1458  Processor - ok

05:06:31.0071 0x1458  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll

05:06:31.0077 0x1458  ProfSvc - ok

05:06:31.0091 0x1458  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe

05:06:31.0093 0x1458  ProtectedStorage - ok

05:06:31.0131 0x1458  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys

05:06:31.0133 0x1458  PSched - ok

05:06:31.0216 0x1458  [ B6A1692FC131F1FE5162513D78A9B6FC, 193B12508E5D076B178AADDDA9BECB4F397307FB8D96B16540697D6E49D61C28 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys

05:06:31.0218 0x1458  PxHelp20 - ok

05:06:31.0307 0x1458  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys

05:06:31.0338 0x1458  ql2300 - ok

05:06:31.0362 0x1458  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

05:06:31.0377 0x1458  ql40xx - ok

05:06:31.0418 0x1458  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll

05:06:31.0438 0x1458  QWAVE - ok

05:06:31.0452 0x1458  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

05:06:31.0454 0x1458  QWAVEdrv - ok

05:06:31.0559 0x1458  [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys

05:06:31.0638 0x1458  R300 - ok

05:06:31.0665 0x1458  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

05:06:31.0666 0x1458  RasAcd - ok

05:06:31.0679 0x1458  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll

05:06:31.0685 0x1458  RasAuto - ok

05:06:31.0717 0x1458  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

05:06:31.0725 0x1458  Rasl2tp - ok

05:06:31.0771 0x1458  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll

05:06:31.0782 0x1458  RasMan - ok

05:06:31.0829 0x1458  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

05:06:31.0831 0x1458  RasPppoe - ok

05:06:31.0861 0x1458  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

05:06:31.0864 0x1458  RasSstp - ok

05:06:31.0901 0x1458  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

05:06:31.0909 0x1458  rdbss - ok

05:06:31.0917 0x1458  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

05:06:31.0919 0x1458  RDPCDD - ok

05:06:31.0949 0x1458  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys

05:06:31.0958 0x1458  rdpdr - ok

05:06:31.0968 0x1458  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

05:06:31.0969 0x1458  RDPENCDD - ok

05:06:32.0004 0x1458  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

05:06:32.0025 0x1458  RDPWD - ok

05:06:32.0058 0x1458  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll

05:06:32.0063 0x1458  RemoteAccess - ok

05:06:32.0097 0x1458  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

05:06:32.0103 0x1458  RemoteRegistry - ok

05:06:32.0118 0x1458  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe

05:06:32.0120 0x1458  RpcLocator - ok

05:06:32.0159 0x1458  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll

05:06:32.0175 0x1458  RpcSs - ok

05:06:32.0187 0x1458  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

05:06:32.0190 0x1458  rspndr - ok

05:06:32.0200 0x1458  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe

05:06:32.0202 0x1458  SamSs - ok

05:06:32.0276 0x1458  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

05:06:32.0277 0x1458  SASDIFSV - ok

05:06:32.0329 0x1458  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

05:06:32.0331 0x1458  SASKUTIL - ok

05:06:32.0547 0x1458  [ 99FC1599F89A80216E41175B8CA44D89, 20306278CF081E58002D6ADCC07CA65D7651C8D059392337562612EDFAC5BEB5 ] SBAMSvc         C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

05:06:32.0645 0x1458  SBAMSvc - ok

05:06:32.0687 0x1458  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

05:06:32.0690 0x1458  sbp2port - ok

05:06:32.0695 0x1458  SBRE - ok

05:06:32.0726 0x1458  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

05:06:32.0731 0x1458  SCardSvr - ok

05:06:32.0777 0x1458  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll

05:06:32.0795 0x1458  Schedule - ok

05:06:32.0823 0x1458  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll

05:06:32.0825 0x1458  SCPolicySvc - ok

05:06:32.0845 0x1458  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

05:06:32.0851 0x1458  SDRSVC - ok

05:06:33.0036 0x1458  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

05:06:33.0099 0x1458  SDScannerService - ok

05:06:33.0240 0x1458  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

05:06:33.0311 0x1458  SDUpdateService - ok

05:06:33.0349 0x1458  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

05:06:33.0358 0x1458  SDWSCService - ok

05:06:33.0391 0x1458  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

05:06:33.0393 0x1458  secdrv - ok

05:06:33.0432 0x1458  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll

05:06:33.0450 0x1458  seclogon - ok

05:06:33.0481 0x1458  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll

05:06:33.0486 0x1458  SENS - ok

05:06:33.0503 0x1458  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys

05:06:33.0505 0x1458  Serenum - ok

05:06:33.0525 0x1458  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys

05:06:33.0529 0x1458  Serial - ok

05:06:33.0545 0x1458  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

05:06:33.0547 0x1458  sermouse - ok

05:06:33.0568 0x1458  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll

05:06:33.0573 0x1458  SessionEnv - ok

05:06:33.0588 0x1458  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

05:06:33.0590 0x1458  sffdisk - ok

05:06:33.0600 0x1458  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

05:06:33.0601 0x1458  sffp_mmc - ok

05:06:33.0608 0x1458  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

05:06:33.0609 0x1458  sffp_sd - ok

05:06:33.0621 0x1458  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

05:06:33.0622 0x1458  sfloppy - ok

05:06:33.0661 0x1458  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

05:06:33.0671 0x1458  SharedAccess - ok

05:06:33.0733 0x1458  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

05:06:33.0741 0x1458  ShellHWDetection - ok

05:06:33.0759 0x1458  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys

05:06:33.0762 0x1458  sisagp - ok

05:06:33.0778 0x1458  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys

05:06:33.0780 0x1458  SiSRaid2 - ok

05:06:33.0797 0x1458  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

05:06:33.0800 0x1458  SiSRaid4 - ok

05:06:33.0947 0x1458  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe

05:06:34.0032 0x1458  slsvc - ok

05:06:34.0089 0x1458  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll

05:06:34.0093 0x1458  SLUINotify - ok

05:06:34.0107 0x1458  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys

05:06:34.0110 0x1458  Smb - ok

05:06:34.0145 0x1458  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

05:06:34.0148 0x1458  SNMPTRAP - ok

05:06:34.0176 0x1458  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys

05:06:34.0177 0x1458  spldr - ok

05:06:34.0214 0x1458  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe

05:06:34.0220 0x1458  Spooler - ok

05:06:34.0261 0x1458  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys

05:06:34.0270 0x1458  srv - ok

05:06:34.0297 0x1458  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

05:06:34.0301 0x1458  srv2 - ok

05:06:34.0320 0x1458  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

05:06:34.0323 0x1458  srvnet - ok

05:06:34.0352 0x1458  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

05:06:34.0373 0x1458  SSDPSRV - ok

05:06:34.0446 0x1458  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll

05:06:34.0466 0x1458  SstpSvc - ok

05:06:34.0512 0x1458  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll

05:06:34.0531 0x1458  stisvc - ok

05:06:34.0562 0x1458  [ FFB311EE7FA581E15FB002884575F068, CA6BC70C8C49BDB7815FE4DD2E0402D315F0BF7D3D81AC97BB3A00BA09CDFC13 ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys

05:06:34.0564 0x1458  SWDUMon - ok

05:06:34.0595 0x1458  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

05:06:34.0596 0x1458  swenum - ok

05:06:34.0638 0x1458  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll

05:06:34.0654 0x1458  swprv - ok

05:06:34.0705 0x1458  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys

05:06:34.0724 0x1458  Symc8xx - ok

05:06:34.0761 0x1458  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys

05:06:34.0764 0x1458  Sym_hi - ok

05:06:34.0780 0x1458  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys

05:06:34.0782 0x1458  Sym_u3 - ok

05:06:34.0835 0x1458  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll

05:06:34.0871 0x1458  SysMain - ok

05:06:34.0908 0x1458  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll

05:06:34.0916 0x1458  TabletInputService - ok

05:06:34.0958 0x1458  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll

05:06:34.0973 0x1458  TapiSrv - ok

05:06:34.0990 0x1458  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll

05:06:35.0010 0x1458  TBS - ok

05:06:35.0095 0x1458  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

05:06:35.0134 0x1458  Tcpip - ok

05:06:35.0184 0x1458  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys

05:06:35.0219 0x1458  Tcpip6 - ok

05:06:35.0245 0x1458  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

05:06:35.0248 0x1458  tcpipreg - ok

05:06:35.0282 0x1458  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

05:06:35.0284 0x1458  TDPIPE - ok

05:06:35.0304 0x1458  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

05:06:35.0307 0x1458  TDTCP - ok

05:06:35.0325 0x1458  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

05:06:35.0350 0x1458  tdx - ok

05:06:35.0387 0x1458  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

05:06:35.0396 0x1458  TermDD - ok

05:06:35.0437 0x1458  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll

05:06:35.0465 0x1458  TermService - ok

05:06:35.0503 0x1458  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll

05:06:35.0516 0x1458  Themes - ok

05:06:35.0542 0x1458  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll

05:06:35.0547 0x1458  THREADORDER - ok

05:06:35.0588 0x1458  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll

05:06:35.0596 0x1458  TrkWks - ok

05:06:35.0647 0x1458  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

05:06:35.0650 0x1458  TrustedInstaller - ok

05:06:35.0684 0x1458  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

05:06:35.0686 0x1458  tssecsrv - ok

05:06:35.0712 0x1458  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys

05:06:35.0714 0x1458  tunmp - ok

05:06:35.0746 0x1458  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

05:06:35.0748 0x1458  tunnel - ok

05:06:35.0764 0x1458  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

05:06:35.0768 0x1458  uagp35 - ok

05:06:35.0809 0x1458  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

05:06:35.0822 0x1458  udfs - ok

05:06:35.0849 0x1458  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

05:06:35.0856 0x1458  UI0Detect - ok

05:06:35.0880 0x1458  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

05:06:35.0884 0x1458  uliagpkx - ok

05:06:35.0908 0x1458  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys

05:06:35.0920 0x1458  uliahci - ok

05:06:35.0940 0x1458  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys

05:06:35.0945 0x1458  UlSata - ok

05:06:35.0965 0x1458  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys

05:06:35.0971 0x1458  ulsata2 - ok

05:06:35.0987 0x1458  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

05:06:35.0990 0x1458  umbus - ok

05:06:36.0029 0x1458  Update BrowseSmart - ok

05:06:36.0088 0x1458  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll

05:06:36.0104 0x1458  upnphost - ok

05:06:36.0137 0x1458  [ 8BF5D980CDCE35FB26F05047144BB57E, 8A770DD649FA0D6F574651E5525B983261B823C5778764598D89C453E68ED3F1 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys

05:06:36.0140 0x1458  USBAAPL - ok

05:06:36.0212 0x1458  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

05:06:36.0217 0x1458  usbccgp - ok

05:06:36.0242 0x1458  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

05:06:36.0246 0x1458  usbcir - ok

05:06:36.0280 0x1458  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

05:06:36.0283 0x1458  usbehci - ok

05:06:36.0317 0x1458  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

05:06:36.0327 0x1458  usbhub - ok

05:06:36.0345 0x1458  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys

05:06:36.0347 0x1458  usbohci - ok

05:06:36.0385 0x1458  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

05:06:36.0388 0x1458  usbprint - ok

05:06:36.0461 0x1458  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

05:06:36.0463 0x1458  usbscan - ok

05:06:36.0492 0x1458  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

05:06:36.0495 0x1458  USBSTOR - ok

05:06:36.0512 0x1458  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

05:06:36.0514 0x1458  usbuhci - ok

05:06:36.0520 0x1458  Util BrowseSmart - ok

05:06:36.0550 0x1458  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll

05:06:36.0557 0x1458  UxSms - ok

05:06:36.0601 0x1458  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe

05:06:36.0622 0x1458  vds - ok

05:06:36.0642 0x1458  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

05:06:36.0645 0x1458  vga - ok

05:06:36.0659 0x1458  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys

05:06:36.0661 0x1458  VgaSave - ok

05:06:36.0717 0x1458  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys

05:06:36.0725 0x1458  viaagp - ok

05:06:36.0740 0x1458  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys

05:06:36.0749 0x1458  ViaC7 - ok

05:06:36.0778 0x1458  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys

05:06:36.0780 0x1458  viaide - ok

05:06:36.0799 0x1458  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

05:06:36.0803 0x1458  volmgr - ok

05:06:36.0844 0x1458  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

05:06:36.0858 0x1458  volmgrx - ok

05:06:36.0902 0x1458  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

05:06:36.0913 0x1458  volsnap - ok

05:06:36.0954 0x1458  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

05:06:36.0960 0x1458  vsmraid - ok

05:06:37.0044 0x1458  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe

05:06:37.0107 0x1458  VSS - ok

05:06:37.0153 0x1458  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll

05:06:37.0170 0x1458  W32Time - ok

05:06:37.0191 0x1458  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

05:06:37.0193 0x1458  WacomPen - ok

05:06:37.0207 0x1458  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys

05:06:37.0211 0x1458  Wanarp - ok

05:06:37.0219 0x1458  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

05:06:37.0223 0x1458  Wanarpv6 - ok

05:06:37.0252 0x1458  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

05:06:37.0267 0x1458  wcncsvc - ok

05:06:37.0293 0x1458  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

05:06:37.0306 0x1458  WcsPlugInService - ok

05:06:37.0345 0x1458  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys

05:06:37.0383 0x1458  Wd - ok

05:06:37.0481 0x1458  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

05:06:37.0518 0x1458  Wdf01000 - ok

05:06:37.0546 0x1458  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll

05:06:37.0551 0x1458  WdiServiceHost - ok

05:06:37.0556 0x1458  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll

05:06:37.0561 0x1458  WdiSystemHost - ok

05:06:37.0597 0x1458  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll

05:06:37.0605 0x1458  WebClient - ok

05:06:37.0636 0x1458  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

05:06:37.0643 0x1458  Wecsvc - ok

05:06:37.0657 0x1458  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll

05:06:37.0663 0x1458  wercplsupport - ok

05:06:37.0698 0x1458  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll

05:06:37.0706 0x1458  WerSvc - ok

05:06:37.0761 0x1458  [ 72CC6A8CA7891031D6380DB5025C773C, 33D5021C3A2FE8E9F6E2C22F4777E1D82A6B3998EB857B618A3C8838D3C8B03E ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys

05:06:37.0785 0x1458  winachsf - ok

05:06:37.0847 0x1458  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll

05:06:37.0857 0x1458  WinDefend - ok

05:06:37.0869 0x1458  WinHttpAutoProxySvc - ok

05:06:37.0912 0x1458  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

05:06:37.0919 0x1458  Winmgmt - ok

05:06:38.0009 0x1458  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll

05:06:38.0064 0x1458  WinRM - ok

05:06:38.0130 0x1458  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WINUSB          C:\Windows\system32\DRIVERS\WinUSB.SYS

05:06:38.0132 0x1458  WINUSB - ok

05:06:38.0182 0x1458  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll

05:06:38.0209 0x1458  Wlansvc - ok

05:06:38.0312 0x1458  [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

05:06:38.0315 0x1458  wlcrasvc - ok

05:06:38.0463 0x1458  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

05:06:38.0549 0x1458  wlidsvc - ok

05:06:38.0581 0x1458  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

05:06:38.0583 0x1458  WmiAcpi - ok

05:06:38.0628 0x1458  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

05:06:38.0634 0x1458  wmiApSrv - ok

05:06:38.0768 0x1458  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe

05:06:38.0807 0x1458  WMPNetworkSvc - ok

05:06:38.0875 0x1458  [ A3BA4712EBF768EDFBCCEC09FA120B6F, 25A1E2FF64959E41F944BE69360BAFFE14E0D41566F5343795FB8D61C7DBE593 ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe

05:06:38.0887 0x1458  WMZuneComm - ok

05:06:38.0928 0x1458  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

05:06:38.0940 0x1458  WPCSvc - ok

05:06:38.0976 0x1458  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

05:06:38.0985 0x1458  WPDBusEnum - ok

05:06:39.0057 0x1458  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys

05:06:39.0060 0x1458  WpdUsb - ok

05:06:39.0172 0x1458  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

05:06:39.0206 0x1458  WPFFontCache_v0400 - ok

05:06:39.0231 0x1458  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

05:06:39.0233 0x1458  ws2ifsl - ok

05:06:39.0289 0x1458  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll

05:06:39.0297 0x1458  wscsvc - ok

05:06:39.0305 0x1458  WSearch - ok

05:06:39.0479 0x1458  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll

05:06:39.0573 0x1458  wuauserv - ok

05:06:39.0644 0x1458  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

05:06:39.0647 0x1458  WudfPf - ok

05:06:39.0676 0x1458  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

05:06:39.0684 0x1458  WUDFRd - ok

05:06:39.0705 0x1458  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

05:06:39.0714 0x1458  wudfsvc - ok

05:06:39.0774 0x1458  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys

05:06:39.0776 0x1458  XAudio - ok

05:06:39.0811 0x1458  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe

05:06:39.0829 0x1458  XAudioService - ok

05:06:39.0941 0x1458  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

05:06:39.0967 0x1458  YahooAUService - ok

05:06:40.0288 0x1458  [ 5BDCACD5B2B0FB972BC570E70F616ACF, 90DAA2A5E5733DDD0898544F82B1371065DBD8D181DAF2AF29767A39D35F3D1D ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe

05:06:40.0490 0x1458  ZuneNetworkSvc - ok

05:06:40.0574 0x1458  [ E22E48654A66AA3E24F4646C6BC1756C, 2F6DDFCD5E4271C605EDFAD460DF8D9CD0EE5998CF862F47EB3F108DB2A712D1 ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe

05:06:40.0587 0x1458  ZuneWlanCfgSvc - ok

05:06:40.0596 0x1458  {7f2b4ad0-671a-477b-bcd4-79d041f50d27}Gt - ok

05:06:40.0601 0x1458  ================ Scan global ===============================

05:06:40.0640 0x1458  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll

05:06:40.0714 0x1458  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll

05:06:40.0745 0x1458  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll

05:06:40.0788 0x1458  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe

05:06:40.0798 0x1458  [ Global ] - ok

05:06:40.0798 0x1458  ================ Scan MBR ==================================

05:06:40.0814 0x1458  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

05:06:40.0814 0x1458  Suspicious mbr (Forged): \Device\Harddisk0\DR0

05:06:40.0875 0x1458  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c ( 0 )

05:06:40.0875 0x1458  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

05:06:45.0678 0x1458  ================ Scan VBR ==================================

05:06:45.0684 0x1458  [ D3AEAFC099DE39ACF2C59632D762CA79 ] \Device\Harddisk0\DR0\Partition1

05:06:45.0712 0x1458  \Device\Harddisk0\DR0\Partition1 - ok

05:06:45.0718 0x1458  [ EDDD22F4CDA52A543A7D270520AB4802 ] \Device\Harddisk0\DR0\Partition2

05:06:45.0761 0x1458  \Device\Harddisk0\DR0\Partition2 - ok

05:06:45.0761 0x1458  ================ Scan generic autorun ======================

05:06:45.0799 0x1458  [ 806DB5F4FC5185AFC608E881979CC25F, B4991488DB86C84D5B2EB7F900541CBB094A87877DD82CB39411B59DA174B3F2 ] C:\Windows\system32\igfxtray.exe

05:06:45.0807 0x1458  IgfxTray - ok

05:06:45.0838 0x1458  [ D4975555E91636FCF4809E51731F80D8, 5A24C4C38B3ADD25F04A9E327314B23F1A7C63C44C4EB78AC234049FBFB60217 ] C:\Windows\system32\hkcmd.exe

05:06:45.0847 0x1458  HotKeysCmds - ok

05:06:45.0862 0x1458  [ CD12A46AE81306C2F14B19A58E1058B0, 699573D9C5C109813EFDA73283F9274300888002239831073FB164F91640EF65 ] C:\Windows\system32\igfxpers.exe

05:06:45.0870 0x1458  Persistence - ok

05:06:45.0912 0x1458  [ 267B3A856E9F4DB1CABD4E6DB71E07D2, E384B0204375A8E9DCAFB3FD6E72442F3E9418812637F4EFA2653F946EBE8E26 ] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe

05:06:45.0914 0x1458  dscactivate - ok

05:06:45.0991 0x1458  [ 40B527681CA3CA2F6EC7851018509F29, 96FF9088B3EE32AB78679A4D91E05312448E03BFF03EE20A022B4791C2EBCB6D ] C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe

05:06:46.0019 0x1458  lxdxmon.exe - ok

05:06:46.0070 0x1458  [ AC38D80D713A573848B6AC1EE2F77229, 193FF021F63D00E0F67E38D58AC26CE422AD0F00252183920C02065A9A7D99A6 ] C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe

05:06:46.0075 0x1458  EzPrint - ok

05:06:46.0106 0x1458  [ 4048F9DA4BA3036A994185CE6A2B6C55, CB58574F3439FD51AEEA9B7046F4C54C85FA6355D89468674E0651DDD5DD6C64 ] C:\Program Files\Zune\ZuneLauncher.exe

05:06:46.0113 0x1458  Zune Launcher - ok

05:06:46.0161 0x1458  [ C26B09276755E0698B31CF0BAE0BF182, A95B567626C0573DF0F136818AA7E487BC4995552E9B7A041437539E49B99473 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

05:06:46.0164 0x1458  APSDaemon - ok

05:06:46.0212 0x1458  [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

05:06:46.0215 0x1458  Adobe Reader Speed Launcher - ok

05:06:46.0308 0x1458  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

05:06:46.0348 0x1458  Adobe ARM - ok

05:06:46.0403 0x1458  [ 916A2C4EB028604783FD5EA169236C1D, C97DAA1BE5C912DDCEDBA7619631BB98F4A9B32B1E40C5374A64E25305E0A1C4 ] C:\Program Files\QuickTime\QTTask.exe

05:06:46.0424 0x1458  QuickTime Task - ok

05:06:46.0529 0x1458  [ F9C48B76DA59CF5FF2ED937B62F5ED39, BABC2638F6C92947C79C918DFD3E605B196672B23745226DFA64F68867B7C257 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

05:06:46.0594 0x1458  AdobeAAMUpdater-1.0 - ok

05:06:46.0654 0x1458  [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files\iTunes\iTunesHelper.exe

05:06:46.0661 0x1458  iTunesHelper - ok

05:06:46.0739 0x1458  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe

05:06:46.0785 0x1458  Windows Defender - ok

05:06:46.0881 0x1458  [ 54CB57442F5AC8BA5E98A7745D455C18, 362A87B8D5B7F5258301A6D5CD78D046F32DFD8826A2FDF6A0006A5695B389B3 ] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

05:06:46.0904 0x1458  Ad-Aware Browsing Protection - ok

05:06:46.0934 0x1458  Ad-Aware Antivirus - ok

05:06:47.0291 0x1458  [ 7D62A43622ADFF6A08DB83801CF72C54, 90DD9178204666367E4191E424B59880CEB59867A18B08DD81A6EA80350DAA86 ] C:\Program Files\AVG\AVG2014\avgui.exe

05:06:47.0489 0x1458  AVG_UI - ok

05:06:47.0577 0x1458  [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe

05:06:47.0584 0x1458  SunJavaUpdateSched - ok

05:06:48.0292 0x1458  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

05:06:48.0524 0x1458  SDTray - ok

05:06:48.0685 0x1458  [ B871BE9CEB2C4D471DD1804482CE85A6, BD2F550ECD5FA5DE24BC24061DB9AA37B2B08100BD01CCB13C68B82317A1662E ] C:\Program Files\BlueStacks\HD-Agent.exe

05:06:48.0707 0x1458  BlueStacks Agent - ok

05:06:48.0944 0x1458  [ 3A8E5A6763024D6A15A85069BA82F2D1, 07C52D57D89111CFCEB4C9B44B8736E55EFC2FBB469ABA601F831EFA6681BC31 ] C:\Program Files\Windows Live\Messenger\msnmsgr.exe

05:06:49.0067 0x1458  msnmsgr - ok

05:06:49.0323 0x1458  [ BC121F6E4432CBB79129201C191674AD, 6B00DC0682327B70B17E8CF23FA145A16189D110E61EFA0A82D0549813AAF315 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

05:06:50.0155 0x1458  SUPERAntiSpyware - ok

05:06:50.0497 0x1458  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe

05:06:50.0511 0x1458  Google Update - ok

05:06:50.0570 0x1458  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe

05:06:50.0584 0x1458  WMPNSCFG - ok

05:06:50.0613 0x1458  [ 4B555106290BD117334E9A08761C035A, 8A3808FBC197040BF0C65084514E8441E35FFFF8E31980F9CE1F41ED65E08437 ] C:\Windows\system32\rundll32.exe

05:06:50.0618 0x1458  NextLive - ok

05:06:50.0621 0x1458  Browser Infrastructure Helper - ok

05:06:50.0646 0x1458  SlimCleaner Plus - ok

05:06:50.0740 0x1458  [ C8BC9A2DC599F1A52DC6B42FDD47B01E, F32F869EFA1E8ACECC9BDE7D0C9460EF3C85482629A22C4C7BEABE644B9C7E97 ] C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe

05:06:50.0776 0x1458  FlashPlayerUpdate - ok

05:06:50.0779 0x1458  Weather - ok

05:06:50.0812 0x1458  swg - ok

05:06:50.0813 0x1458  DW6 - ok

05:06:50.0843 0x1458  Exetender - ok

05:06:50.0843 0x1458  lime pro - ok

05:06:50.0846 0x1458  SearchEngineProtection - ok

05:06:50.0849 0x1458  ares - ok

05:06:50.0852 0x1458  uTorrent - ok

05:06:50.0879 0x1458  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe

05:06:50.0881 0x1458  Google Update - ok

05:06:51.0045 0x1458  ROC_ROC_APR2013_AV - ok

05:06:51.0116 0x1458  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe

05:06:51.0120 0x1458  WMPNSCFG - ok

05:06:51.0480 0x1458  [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe

05:06:51.0600 0x1458  Spybot-S&D Cleaning - ok

05:06:51.0609 0x1458  Waiting for KSN requests completion. In queue: 26

05:06:52.0609 0x1458  Waiting for KSN requests completion. In queue: 26

05:06:53.0609 0x1458  Waiting for KSN requests completion. In queue: 26

05:06:54.0609 0x1458  Waiting for KSN requests completion. In queue: 26

05:06:55.0609 0x1458  Waiting for KSN requests completion. In queue: 26

05:06:56.0652 0x1458  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4745 ), 0x41000 ( enabled : updated )

05:06:56.0743 0x1458  AV detected via SS2: Lavasoft Ad-Aware, C:\Program Files\Ad-Aware Antivirus\SBAMWSC.EXE ( 10.5.3.4405 ), 0x40000 ( disabled : updated )

05:06:56.0746 0x1458  FW detected via SS2: Lavasoft Ad-Aware, C:\Program Files\Ad-Aware Antivirus\SBAMWSC.EXE ( 10.5.3.4405 ), 0x40010 ( disabled )

05:06:56.0786 0x1458  Win FW state via NFP2: enabled

05:07:01.0668 0x1458  ============================================================

05:07:01.0668 0x1458  Scan finished

05:07:01.0668 0x1458  ============================================================

05:07:01.0686 0x1d04  Detected object count: 1

05:07:01.0686 0x1d04  Actual detected object count: 1

05:07:14.0430 0x1d04  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user

05:07:14.0430 0x1d04  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip 
Link to post
Share on other sites

Add-/remove programms

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs

SavingsBull
Muvic Smartbar
Video-for-PC-1.2
LPT System Updater Service
Ask Toolbar Updater

Close the window.

 

 

 

Fix with TDSS-Killer

Please read and follow these instructions carefully.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • When the scan is finished, select copy to quarantine for the following entry.

    Rootkit.Boot.Pihar.c
  • Hit continue.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.

 

 

 

 

Combofix

Combofix should only be run when adviced by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe



When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this.

Link to post
Share on other sites

08:21:38.0726 0x14e8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58

08:21:40.0654 0x14e8  ============================================================

08:21:40.0654 0x14e8  Current date / time: 2014/08/19 08:21:40.0654

08:21:40.0655 0x14e8  SystemInfo:

08:21:40.0655 0x14e8  

08:21:40.0655 0x14e8  OS Version: 6.0.6002 ServicePack: 2.0

08:21:40.0655 0x14e8  Product type: Workstation

08:21:40.0655 0x14e8  ComputerName: HOME

08:21:40.0655 0x14e8  UserName: Justin

08:21:40.0655 0x14e8  Windows directory: C:\Windows

08:21:40.0656 0x14e8  System windows directory: C:\Windows

08:21:40.0656 0x14e8  Processor architecture: Intel x86

08:21:40.0656 0x14e8  Number of processors: 2

08:21:40.0656 0x14e8  Page size: 0x1000

08:21:40.0656 0x14e8  Boot type: Normal boot

08:21:40.0656 0x14e8  ============================================================

08:21:42.0637 0x14e8  KLMD registered as C:\Windows\system32\drivers\22119601.sys

08:21:42.0810 0x14e8  System UUID: {86CB5289-63D9-E22B-225C-B938C6F5F6E6}

08:21:43.0510 0x14e8  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 ( 232.83 Gb ), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

08:21:43.0549 0x14e8  ============================================================

08:21:43.0549 0x14e8  \Device\Harddisk0\DR0:

08:21:43.0550 0x14e8  MBR partitions:

08:21:43.0550 0x14e8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000

08:21:43.0550 0x14e8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x1BD8D000

08:21:43.0550 0x14e8  ============================================================

08:21:43.0592 0x14e8  C: <-> \Device\Harddisk0\DR0\Partition2

08:21:43.0622 0x14e8  D: <-> \Device\Harddisk0\DR0\Partition1

08:21:43.0623 0x14e8  ============================================================

08:21:43.0623 0x14e8  Initialize success

08:21:43.0623 0x14e8  ============================================================

08:21:45.0609 0x1870  ============================================================

08:21:45.0609 0x1870  Scan started

08:21:45.0610 0x1870  Mode: Manual; 

08:21:45.0610 0x1870  ============================================================

08:21:45.0610 0x1870  KSN ping started

08:22:03.0461 0x1870  KSN ping finished: true

08:22:05.0129 0x1870  ================ Scan system memory ========================

08:22:05.0129 0x1870  System memory - ok

08:22:05.0130 0x1870  ================ Scan services =============================

08:22:05.0242 0x1870  [ 01E81C84AD1D0ACC61CF3CFD06632210, 1140756BA2F28CA8DFCFF8FD223654E6A78BA1B770A169CC557ECE0E01381B17 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

08:22:05.0245 0x1870  !SASCORE - ok

08:22:05.0444 0x1870  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys

08:22:05.0452 0x1870  ACPI - ok

08:22:05.0576 0x1870  [ AE1671A3C798A3467DE5E7DD12179803, 102DCD7552F27AB8B55C61601208705538F60AFDB81F8C3D0A82F575DDCF808A ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

08:22:05.0610 0x1870  Ad-Aware Service - ok

08:22:05.0768 0x1870  [ 835CE0647E4E9F01BEB26201DA6705B4, C90CBED7E066ECE2F380CE84B95EAD0E120C02720DB31483BDF0E7EDF7FB4EE1 ] AdobeActiveFileMonitor11.0 C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe

08:22:05.0772 0x1870  AdobeActiveFileMonitor11.0 - ok

08:22:05.0868 0x1870  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

08:22:05.0876 0x1870  AdobeFlashPlayerUpdateSvc - ok

08:22:05.0937 0x1870  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

08:22:05.0950 0x1870  adp94xx - ok

08:22:06.0009 0x1870  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys

08:22:06.0023 0x1870  adpahci - ok

08:22:06.0055 0x1870  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys

08:22:06.0077 0x1870  adpu160m - ok

08:22:06.0120 0x1870  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

08:22:06.0126 0x1870  adpu320 - ok

08:22:06.0192 0x1870  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

08:22:06.0194 0x1870  AeLookupSvc - ok

08:22:06.0278 0x1870  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys

08:22:06.0287 0x1870  AFD - ok

08:22:06.0347 0x1870  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys

08:22:06.0349 0x1870  agp440 - ok

08:22:06.0365 0x1870  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys

08:22:06.0368 0x1870  aic78xx - ok

08:22:06.0383 0x1870  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe

08:22:06.0385 0x1870  ALG - ok

08:22:06.0410 0x1870  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys

08:22:06.0412 0x1870  aliide - ok

08:22:06.0458 0x1870  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys

08:22:06.0460 0x1870  amdagp - ok

08:22:06.0467 0x1870  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys

08:22:06.0469 0x1870  amdide - ok

08:22:06.0480 0x1870  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys

08:22:06.0482 0x1870  AmdK7 - ok

08:22:06.0496 0x1870  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

08:22:06.0498 0x1870  AmdK8 - ok

08:22:06.0601 0x1870  [ F9DAC844B1D370DA4C984D4C22F5E696, 753B08E4D4CC09C91C16394F6A420E6DA033D41FDE510A41F900C1CED0E6B946 ] AntiSpywareService C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe

08:22:06.0649 0x1870  AntiSpywareService - ok

08:22:06.0756 0x1870  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll

08:22:06.0758 0x1870  Appinfo - ok

08:22:06.0887 0x1870  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

08:22:06.0890 0x1870  Apple Mobile Device - ok

08:22:06.0966 0x1870  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys

08:22:06.0969 0x1870  arc - ok

08:22:07.0031 0x1870  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys

08:22:07.0035 0x1870  arcsas - ok

08:22:07.0161 0x1870  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

08:22:07.0188 0x1870  aspnet_state - ok

08:22:07.0238 0x1870  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

08:22:07.0240 0x1870  AsyncMac - ok

08:22:07.0272 0x1870  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys

08:22:07.0274 0x1870  atapi - ok

08:22:07.0350 0x1870  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

08:22:07.0365 0x1870  AudioEndpointBuilder - ok

08:22:07.0409 0x1870  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll

08:22:07.0422 0x1870  Audiosrv - ok

08:22:07.0505 0x1870  [ 21C2F3000A7233E517D7AB62F97BF509, 07169A2512D616E4AE7FE0F6B66D2B84D526F6022985871CC29E9F53FDCFCB6D ] Avgdiskx        C:\Windows\system32\DRIVERS\avgdiskx.sys

08:22:07.0511 0x1870  Avgdiskx - ok

08:22:07.0824 0x1870  [ 76AB36635951D8C96B485C9F8DCE7DE1, 1F57E2D85A0E766F79DCAC2CD2BBCBFDFBF88982CC01C2399255218B3DE18164 ] AVGIDSAgent     C:\Program Files\AVG\AVG2014\avgidsagent.exe

08:22:07.0960 0x1870  AVGIDSAgent - ok

08:22:08.0021 0x1870  [ 572AA32C47BDFD17D3F7411503215D1B, 62E2F46A4E45CE44B4DF8F898FF7CFE75B69B349F3C91959D353BBEC0F4DC83D ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys

08:22:08.0028 0x1870  AVGIDSDriver - ok

08:22:08.0074 0x1870  [ C0701A3C53F0A0F5E4900F26365A10A1, 2755AF8C98F4855FD467F0174D6AE7AC3E7050D95008FE521918194593684D51 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys

08:22:08.0078 0x1870  AVGIDSHX - ok

08:22:08.0112 0x1870  [ E7FEE532CEF01C97D7682E35D156244F, CF54B4B83E1A060FF52BDEAC4E20492ACFAABC87BC6BE784D6AB4CD64C965B92 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys

08:22:08.0113 0x1870  AVGIDSShim - ok

08:22:08.0163 0x1870  [ FA868D5784DE755DD8A1B4B1A80574E4, 9300B4ACBDA96FA4FEE9265ED0E50F750C2B6F7BE854953B8FB73904679DBCA3 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys

08:22:08.0180 0x1870  Avgldx86 - ok

08:22:08.0212 0x1870  [ 8D37558421330218C98722DF4AD85E83, 24C33B317BA605DFC9B9CE2868391A815870A61F58A172806533A16F29F92B0A ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys

08:22:08.0232 0x1870  Avglogx - ok

08:22:08.0302 0x1870  [ 5C3A4A2F473E614C1BF807FE2ABE0D05, 71E786EA1DCBC6ECB915E887B19C86E041C8E4373DAB28548D344323FD9D6CD2 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys

08:22:08.0306 0x1870  Avgmfx86 - ok

08:22:08.0340 0x1870  [ 86FCB8CE3E68C4777B98F7AF06FE8519, 6B7507DA927ECDBA8B2DAA87530DDAEAC5B0983D3CF11D1F6D00D36601FBC60C ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys

08:22:08.0341 0x1870  Avgrkx86 - ok

08:22:08.0368 0x1870  [ ACFEE559442E1FCD48EC74C7D3452608, 536E36CD59BB1E0F5732D8BF57208A07C88A51D02FA016F844648CA0B44F0073 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys

08:22:08.0375 0x1870  Avgtdix - ok

08:22:08.0450 0x1870  [ 5A63285CC0D3323D720E0C518FE74CA3, D990A75CC5FAC5B68DA8515A519D2B5F6312E546E31D54E36CB98271C1B308F3 ] avgwd           C:\Program Files\AVG\AVG2014\avgwdsvc.exe

08:22:08.0460 0x1870  avgwd - ok

08:22:08.0512 0x1870  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys

08:22:08.0514 0x1870  Beep - ok

08:22:08.0594 0x1870  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll

08:22:08.0606 0x1870  BFE - ok

08:22:08.0710 0x1870  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll

08:22:08.0747 0x1870  BITS - ok

08:22:08.0772 0x1870  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys

08:22:08.0776 0x1870  blbdrive - ok

08:22:08.0832 0x1870  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

08:22:08.0837 0x1870  bowser - ok

08:22:08.0890 0x1870  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys

08:22:08.0892 0x1870  BrFiltLo - ok

08:22:08.0907 0x1870  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys

08:22:08.0909 0x1870  BrFiltUp - ok

08:22:08.0944 0x1870  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll

08:22:08.0948 0x1870  Browser - ok

08:22:09.0006 0x1870  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys

08:22:09.0010 0x1870  Brserid - ok

08:22:09.0032 0x1870  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys

08:22:09.0036 0x1870  BrSerWdm - ok

08:22:09.0050 0x1870  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys

08:22:09.0052 0x1870  BrUsbMdm - ok

08:22:09.0065 0x1870  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys

08:22:09.0067 0x1870  BrUsbSer - ok

08:22:09.0255 0x1870  [ C0D87C561E4702B63AFE7668D2079994, 888F98E8E9AF91BBA35393877F5A0CD084B08FFE4A7689CA106FC31B42AB8E83 ] BstHdAndroidSvc C:\Program Files\BlueStacks\HD-Service.exe

08:22:09.0280 0x1870  BstHdAndroidSvc - ok

08:22:09.0345 0x1870  [ A0D7D374312F78F40EF99EFEE9539865, 51328D0B8C00F8CF47B8994F602DD88A04257A2E91962337ED000BAF4F2F4B33 ] BstHdDrv        C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys

08:22:09.0360 0x1870  BstHdDrv - ok

08:22:09.0447 0x1870  [ 37ADBBBFA0D2765299FC2A51CD12BA54, 0EAAE23F17DBD3AEE7EC365E612883961B0F63F5F621CA4DA5DA392D8C47C711 ] BstHdLogRotatorSvc C:\Program Files\BlueStacks\HD-LogRotatorService.exe

08:22:09.0464 0x1870  BstHdLogRotatorSvc - ok

08:22:09.0527 0x1870  [ 22A7547B254E221F5A0E44E42D682B93, D974334AABFF0F3957ABDDC539B609BC27FEC9564E8ACDC92EFFBE67232D3C92 ] BstHdUpdaterSvc C:\Program Files\BlueStacks\HD-UpdaterService.exe

08:22:09.0561 0x1870  BstHdUpdaterSvc - ok

08:22:09.0628 0x1870  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

08:22:09.0632 0x1870  BTHMODEM - ok

08:22:09.0697 0x1870  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

08:22:09.0701 0x1870  cdfs - ok

08:22:09.0751 0x1870  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

08:22:09.0755 0x1870  cdrom - ok

08:22:09.0822 0x1870  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll

08:22:09.0825 0x1870  CertPropSvc - ok

08:22:09.0843 0x1870  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys

08:22:09.0846 0x1870  circlass - ok

08:22:09.0884 0x1870  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys

08:22:09.0896 0x1870  CLFS - ok

08:22:09.0948 0x1870  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

08:22:09.0952 0x1870  clr_optimization_v2.0.50727_32 - ok

08:22:10.0015 0x1870  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

08:22:10.0155 0x1870  clr_optimization_v4.0.30319_32 - ok

08:22:10.0207 0x1870  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys

08:22:10.0209 0x1870  cmdide - ok

08:22:10.0248 0x1870  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

08:22:10.0250 0x1870  Compbatt - ok

08:22:10.0278 0x1870  COMSysApp - ok

08:22:10.0316 0x1870  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

08:22:10.0319 0x1870  crcdisk - ok

08:22:10.0336 0x1870  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys

08:22:10.0339 0x1870  Crusoe - ok

08:22:10.0411 0x1870  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

08:22:10.0418 0x1870  CryptSvc - ok

08:22:10.0483 0x1870  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll

08:22:10.0511 0x1870  DcomLaunch - ok

08:22:10.0667 0x1870  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe

08:22:10.0781 0x1870  DFSR - ok

08:22:10.0868 0x1870  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll

08:22:10.0875 0x1870  Dhcp - ok

08:22:10.0931 0x1870  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys

08:22:10.0933 0x1870  disk - ok

08:22:10.0959 0x1870  dlba_device - ok

08:22:11.0008 0x1870  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll

08:22:11.0011 0x1870  Dnscache - ok

08:22:11.0048 0x1870  [ 13511564CAC5A005255765E322C16967, BC4A5E7F975BC8C0E1746B13B3D9163C5E020AD458484424876B7F00EDC8ADEE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe

08:22:11.0084 0x1870  DockLoginService - ok

08:22:11.0121 0x1870  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll

08:22:11.0130 0x1870  dot3svc - ok

08:22:11.0205 0x1870  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll

08:22:11.0221 0x1870  DPS - ok

08:22:11.0288 0x1870  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

08:22:11.0290 0x1870  drmkaud - ok

08:22:11.0379 0x1870  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

08:22:11.0401 0x1870  DXGKrnl - ok

08:22:11.0466 0x1870  [ 04944F4FC4F0477185F5D26AE0DDB90E, 2D67A90905871A26FA227AF0B31F7A0026E100E3253BF3B6791F593E56619F9E ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys

08:22:11.0475 0x1870  e1express - ok

08:22:11.0497 0x1870  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys

08:22:11.0503 0x1870  E1G60 - ok

08:22:11.0546 0x1870  EagleXNt - ok

08:22:11.0586 0x1870  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll

08:22:11.0590 0x1870  EapHost - ok

08:22:11.0661 0x1870  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys

08:22:11.0668 0x1870  Ecache - ok

08:22:11.0764 0x1870  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

08:22:11.0780 0x1870  elxstor - ok

08:22:11.0844 0x1870  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll

08:22:11.0870 0x1870  EMDMgmt - ok

08:22:11.0916 0x1870  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys

08:22:11.0917 0x1870  ErrDev - ok

08:22:12.0003 0x1870  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll

08:22:12.0016 0x1870  EventSystem - ok

08:22:12.0088 0x1870  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys

08:22:12.0095 0x1870  exfat - ok

08:22:12.0118 0x1870  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

08:22:12.0126 0x1870  fastfat - ok

08:22:12.0152 0x1870  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

08:22:12.0154 0x1870  fdc - ok

08:22:12.0186 0x1870  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll

08:22:12.0189 0x1870  fdPHost - ok

08:22:12.0215 0x1870  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll

08:22:12.0218 0x1870  FDResPub - ok

08:22:12.0270 0x1870  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

08:22:12.0273 0x1870  FileInfo - ok

08:22:12.0292 0x1870  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

08:22:12.0294 0x1870  Filetrace - ok

08:22:12.0312 0x1870  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

08:22:12.0315 0x1870  flpydisk - ok

08:22:12.0385 0x1870  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

08:22:12.0394 0x1870  FltMgr - ok

08:22:12.0503 0x1870  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll

08:22:12.0539 0x1870  FontCache - ok

08:22:12.0597 0x1870  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

08:22:12.0600 0x1870  FontCache3.0.0.0 - ok

08:22:12.0666 0x1870  [ D909075FA72C090F27AA926C32CB4612, F8610C20C4DD499D5B4ACEBD7107E52E25B6449AEED58D1A203F7D654B55C4DF ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys

08:22:12.0668 0x1870  fssfltr - ok

08:22:12.0833 0x1870  [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe

08:22:12.0898 0x1870  fsssvc - ok

08:22:12.0930 0x1870  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

08:22:12.0942 0x1870  Fs_Rec - ok

08:22:12.0970 0x1870  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

08:22:12.0973 0x1870  gagp30kx - ok

08:22:13.0030 0x1870  [ 483924F92E55A5F9423201EC635E2CED, FEDAC3616709F081A0FA48E2BF521CBCC35E11E523EBADDEACA7308AD14338B3 ] gfibto          C:\Windows\system32\drivers\gfibto.sys

08:22:13.0031 0x1870  gfibto - ok

08:22:13.0071 0x1870  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll

08:22:13.0088 0x1870  gpsvc - ok

08:22:13.0192 0x1870  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe

08:22:13.0205 0x1870  gupdate - ok

08:22:13.0245 0x1870  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe

08:22:13.0248 0x1870  gupdatem - ok

08:22:13.0294 0x1870  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

08:22:13.0302 0x1870  HdAudAddService - ok

08:22:13.0353 0x1870  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

08:22:13.0369 0x1870  HDAudBus - ok

08:22:13.0398 0x1870  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys

08:22:13.0400 0x1870  HidBth - ok

08:22:13.0409 0x1870  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys

08:22:13.0411 0x1870  HidIr - ok

08:22:13.0440 0x1870  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll

08:22:13.0443 0x1870  hidserv - ok

08:22:13.0473 0x1870  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

08:22:13.0476 0x1870  HidUsb - ok

08:22:13.0511 0x1870  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll

08:22:13.0516 0x1870  hkmsvc - ok

08:22:13.0527 0x1870  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys

08:22:13.0530 0x1870  HpCISSs - ok

08:22:13.0623 0x1870  [ 99F85640054BA65190B860D878A7C9AE, CE87323FFA4A74EA721A5E7CA6F233C54F21C2C1C6BF7DE84049CE7CEB0741AE ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys

08:22:13.0657 0x1870  HSF_DPV - ok

08:22:13.0708 0x1870  [ FE440536BD98AF772130DC3A6FE1915F, F890A4336E6BC11A5D0A7D49CFD0626FFC2131E81260AE3E2501BCD29434C131 ] HSXHWBS2        C:\Windows\system32\DRIVERS\HSXHWBS2.sys

08:22:13.0716 0x1870  HSXHWBS2 - ok

08:22:13.0757 0x1870  [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP            C:\Windows\system32\drivers\HTTP.sys

08:22:13.0769 0x1870  HTTP - ok

08:22:13.0782 0x1870  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys

08:22:13.0784 0x1870  i2omp - ok

08:22:13.0841 0x1870  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

08:22:13.0843 0x1870  i8042prt - ok

08:22:13.0863 0x1870  [ 997E8F5939F2D12CD9F2E6B395724C16, C22F10BADE29DA6F7EB79D9F5D81D9FBEC17D4D4F8B25E0AF4E5CEAE28E8ABF6 ] iaStor          C:\Windows\system32\drivers\iastor.sys

08:22:13.0872 0x1870  iaStor - ok

08:22:13.0893 0x1870  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys

08:22:13.0900 0x1870  iaStorV - ok

08:22:13.0979 0x1870  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

08:22:14.0003 0x1870  idsvc - ok

08:22:14.0179 0x1870  [ C134E69CE901422D1F2D7EA8D69098FE, 38D7AB6C85C0BCE34B8F52DDBD6F0371DF551003DF6BAE20A2AB1D1349128890 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys

08:22:14.0259 0x1870  igfx - ok

08:22:14.0394 0x1870  [ E026158F3FC752D99E5ACF6B24BAAAC3, 27BEEB20A8EF59D987B0478C1BA805063ADC266AB5BA0993700E4A89F0B6561E ] IHA_MessageCenter C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

08:22:14.0409 0x1870  IHA_MessageCenter - ok

08:22:14.0440 0x1870  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys

08:22:14.0444 0x1870  iirsp - ok

08:22:14.0526 0x1870  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll

08:22:14.0549 0x1870  IKEEXT - ok

08:22:14.0585 0x1870  IntcAzAudAddService - ok

08:22:14.0629 0x1870  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\DRIVERS\intelide.sys

08:22:14.0631 0x1870  intelide - ok

08:22:14.0700 0x1870  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

08:22:14.0703 0x1870  intelppm - ok

08:22:14.0741 0x1870  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

08:22:14.0744 0x1870  IPBusEnum - ok

08:22:14.0756 0x1870  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

08:22:14.0758 0x1870  IpFilterDriver - ok

08:22:14.0800 0x1870  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] IpHlpSvc        C:\Windows\System32\iphlpsvc.dll

08:22:14.0808 0x1870  IpHlpSvc - ok

08:22:14.0815 0x1870  IpInIp - ok

08:22:14.0842 0x1870  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys

08:22:14.0845 0x1870  IPMIDRV - ok

08:22:14.0862 0x1870  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys

08:22:14.0865 0x1870  IPNAT - ok

08:22:14.0949 0x1870  [ E8A39D41474BE42FD8830CED32932D6C, 66D59E61E46253D06A4811CE2101C0AD4EEFE25C676548BBB1B0D056A20B5DC6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

08:22:14.0964 0x1870  iPod Service - ok

08:22:14.0982 0x1870  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

08:22:14.0983 0x1870  IRENUM - ok

08:22:14.0998 0x1870  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

08:22:15.0000 0x1870  isapnp - ok

08:22:15.0034 0x1870  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

08:22:15.0039 0x1870  iScsiPrt - ok

08:22:15.0056 0x1870  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys

08:22:15.0058 0x1870  iteatapi - ok

08:22:15.0071 0x1870  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys

08:22:15.0073 0x1870  iteraid - ok

08:22:15.0093 0x1870  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

08:22:15.0095 0x1870  kbdclass - ok

08:22:15.0164 0x1870  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

08:22:15.0166 0x1870  kbdhid - ok

08:22:15.0196 0x1870  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe

08:22:15.0198 0x1870  KeyIso - ok

08:22:15.0271 0x1870  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

08:22:15.0284 0x1870  KSecDD - ok

08:22:15.0365 0x1870  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll

08:22:15.0377 0x1870  KtmRm - ok

08:22:15.0447 0x1870  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll

08:22:15.0454 0x1870  LanmanServer - ok

08:22:15.0524 0x1870  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

08:22:15.0532 0x1870  LanmanWorkstation - ok

08:22:15.0560 0x1870  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

08:22:15.0563 0x1870  lltdio - ok

08:22:15.0592 0x1870  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

08:22:15.0600 0x1870  lltdsvc - ok

08:22:15.0622 0x1870  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll

08:22:15.0624 0x1870  lmhosts - ok

08:22:15.0643 0x1870  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

08:22:15.0647 0x1870  LSI_FC - ok

08:22:15.0665 0x1870  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

08:22:15.0668 0x1870  LSI_SAS - ok

08:22:15.0684 0x1870  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

08:22:15.0687 0x1870  LSI_SCSI - ok

08:22:15.0701 0x1870  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys

08:22:15.0704 0x1870  luafv - ok

08:22:15.0779 0x1870  [ FE6975565F4C73C04FDD800B1C596E22, 1AF78FE146923F29661D40D7E7BC194BDD42017BAF7777C81A5E8E90B028A2FE ] lxdxCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe

08:22:15.0785 0x1870  lxdxCATSCustConnectService - ok

08:22:15.0791 0x1870  lxdx_device - ok

08:22:15.0822 0x1870  [ 0DB7527DB188C7D967A37BB51BBF3963, 3812E26626EC49BE61B0B8DA5FE6E838C0FEF8A08363C239F64E6CCA0BA949D5 ] MBAMSwissArmy   C:\Windows\system32\drivers\mbamswissarmy.sys

08:22:15.0824 0x1870  MBAMSwissArmy - ok

08:22:15.0885 0x1870  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys

08:22:15.0887 0x1870  mdmxsdk - ok

08:22:15.0904 0x1870  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys

08:22:15.0906 0x1870  megasas - ok

08:22:15.0973 0x1870  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys

08:22:15.0984 0x1870  MegaSR - ok

08:22:16.0014 0x1870  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll

08:22:16.0017 0x1870  MMCSS - ok

08:22:16.0033 0x1870  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys

08:22:16.0035 0x1870  Modem - ok

08:22:16.0088 0x1870  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

08:22:16.0091 0x1870  monitor - ok

08:22:16.0101 0x1870  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

08:22:16.0103 0x1870  mouclass - ok

08:22:16.0127 0x1870  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

08:22:16.0129 0x1870  mouhid - ok

08:22:16.0160 0x1870  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys

08:22:16.0162 0x1870  MountMgr - ok

08:22:16.0253 0x1870  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

08:22:16.0272 0x1870  MozillaMaintenance - ok

08:22:16.0325 0x1870  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys

08:22:16.0329 0x1870  mpio - ok

08:22:16.0373 0x1870  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

08:22:16.0376 0x1870  mpsdrv - ok

08:22:16.0417 0x1870  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll

08:22:16.0431 0x1870  MpsSvc - ok

08:22:16.0460 0x1870  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys

08:22:16.0462 0x1870  Mraid35x - ok

08:22:16.0532 0x1870  MREMP50 - ok

08:22:16.0538 0x1870  MREMPR5 - ok

08:22:16.0546 0x1870  MRENDIS5 - ok

08:22:16.0554 0x1870  MRESP50 - ok

08:22:16.0589 0x1870  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

08:22:16.0594 0x1870  MRxDAV - ok

08:22:16.0630 0x1870  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

08:22:16.0634 0x1870  mrxsmb - ok

08:22:16.0664 0x1870  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

08:22:16.0672 0x1870  mrxsmb10 - ok

08:22:16.0685 0x1870  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

08:22:16.0688 0x1870  mrxsmb20 - ok

08:22:16.0717 0x1870  [ F70590424EEFBF5C27A40C67AFDB8383, 1F2AC1DA12F7E6F09D8F6622EF1366ABD4B86EBE51DD1915E803D56A568A3412 ] msahci          C:\Windows\system32\drivers\msahci.sys

08:22:16.0719 0x1870  msahci - ok

08:22:16.0740 0x1870  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

08:22:16.0744 0x1870  msdsm - ok

08:22:16.0762 0x1870  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe

08:22:16.0768 0x1870  MSDTC - ok

08:22:16.0796 0x1870  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

08:22:16.0798 0x1870  Msfs - ok

08:22:16.0843 0x1870  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

08:22:16.0845 0x1870  msisadrv - ok

08:22:16.0865 0x1870  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

08:22:16.0871 0x1870  MSiSCSI - ok

08:22:16.0877 0x1870  msiserver - ok

08:22:16.0898 0x1870  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

08:22:16.0899 0x1870  MSKSSRV - ok

08:22:16.0945 0x1870  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

08:22:16.0947 0x1870  MSPCLOCK - ok

08:22:16.0955 0x1870  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

08:22:16.0959 0x1870  MSPQM - ok

08:22:16.0977 0x1870  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

08:22:16.0982 0x1870  MsRPC - ok

08:22:17.0000 0x1870  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

08:22:17.0002 0x1870  mssmbios - ok

08:22:17.0015 0x1870  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

08:22:17.0016 0x1870  MSTEE - ok

08:22:17.0035 0x1870  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys

08:22:17.0038 0x1870  Mup - ok

08:22:17.0066 0x1870  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll

08:22:17.0076 0x1870  napagent - ok

08:22:17.0113 0x1870  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

08:22:17.0123 0x1870  NativeWifiP - ok

08:22:17.0187 0x1870  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys

08:22:17.0202 0x1870  NDIS - ok

08:22:17.0219 0x1870  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

08:22:17.0220 0x1870  NdisTapi - ok

08:22:17.0233 0x1870  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         

Link to post
Share on other sites

C:\Windows\system32\DRIVERS\ndisuio.sys

08:22:17.0235 0x1870  Ndisuio - ok

08:22:17.0264 0x1870  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

08:22:17.0268 0x1870  NdisWan - ok

08:22:17.0304 0x1870  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

08:22:17.0307 0x1870  NDProxy - ok

08:22:17.0332 0x1870  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

08:22:17.0334 0x1870  NetBIOS - ok

08:22:17.0356 0x1870  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys

08:22:17.0361 0x1870  netbt - ok

08:22:17.0367 0x1870  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe

08:22:17.0370 0x1870  Netlogon - ok

08:22:17.0409 0x1870  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll

08:22:17.0420 0x1870  Netman - ok

08:22:17.0481 0x1870  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

08:22:17.0506 0x1870  NetMsmqActivator - ok

08:22:17.0514 0x1870  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

08:22:17.0518 0x1870  NetPipeActivator - ok

08:22:17.0548 0x1870  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll

08:22:17.0557 0x1870  netprofm - ok

08:22:17.0583 0x1870  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

08:22:17.0587 0x1870  NetTcpActivator - ok

08:22:17.0594 0x1870  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

08:22:17.0598 0x1870  NetTcpPortSharing - ok

08:22:17.0631 0x1870  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

08:22:17.0633 0x1870  nfrd960 - ok

08:22:17.0647 0x1870  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll

08:22:17.0654 0x1870  NlaSvc - ok

08:22:17.0665 0x1870  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

08:22:17.0667 0x1870  Npfs - ok

08:22:17.0679 0x1870  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll

08:22:17.0682 0x1870  nsi - ok

08:22:17.0693 0x1870  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

08:22:17.0694 0x1870  nsiproxy - ok

08:22:17.0757 0x1870  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

08:22:17.0787 0x1870  Ntfs - ok

08:22:17.0803 0x1870  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys

08:22:17.0805 0x1870  ntrigdigi - ok

08:22:17.0816 0x1870  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys

08:22:17.0818 0x1870  Null - ok

08:22:17.0838 0x1870  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys

08:22:17.0841 0x1870  nvraid - ok

08:22:17.0857 0x1870  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

08:22:17.0859 0x1870  nvstor - ok

08:22:17.0873 0x1870  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

08:22:17.0877 0x1870  nv_agp - ok

08:22:17.0884 0x1870  NwlnkFlt - ok

08:22:17.0890 0x1870  NwlnkFwd - ok

08:22:17.0943 0x1870  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

08:22:17.0946 0x1870  ohci1394 - ok

08:22:17.0996 0x1870  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll

08:22:18.0016 0x1870  p2pimsvc - ok

08:22:18.0038 0x1870  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll

08:22:18.0054 0x1870  p2psvc - ok

08:22:18.0072 0x1870  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys

08:22:18.0075 0x1870  Parport - ok

08:22:18.0102 0x1870  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys

08:22:18.0121 0x1870  partmgr - ok

08:22:18.0177 0x1870  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys

08:22:18.0178 0x1870  Parvdm - ok

08:22:18.0213 0x1870  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll

08:22:18.0216 0x1870  PcaSvc - ok

08:22:18.0244 0x1870  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys

08:22:18.0249 0x1870  pci - ok

08:22:18.0257 0x1870  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys

08:22:18.0259 0x1870  pciide - ok

08:22:18.0278 0x1870  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

08:22:18.0283 0x1870  pcmcia - ok

08:22:18.0369 0x1870  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

08:22:18.0393 0x1870  PEAUTH - ok

08:22:18.0467 0x1870  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll

08:22:18.0509 0x1870  pla - ok

08:22:18.0548 0x1870  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

08:22:18.0557 0x1870  PlugPlay - ok

08:22:18.0593 0x1870  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll

08:22:18.0609 0x1870  PNRPAutoReg - ok

08:22:18.0633 0x1870  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll

08:22:18.0648 0x1870  PNRPsvc - ok

08:22:18.0684 0x1870  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

08:22:18.0703 0x1870  PolicyAgent - ok

08:22:18.0738 0x1870  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

08:22:18.0741 0x1870  PptpMiniport - ok

08:22:18.0758 0x1870  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys

08:22:18.0760 0x1870  Processor - ok

08:22:18.0775 0x1870  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll

08:22:18.0782 0x1870  ProfSvc - ok

08:22:18.0795 0x1870  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe

08:22:18.0797 0x1870  ProtectedStorage - ok

08:22:18.0827 0x1870  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys

08:22:18.0829 0x1870  PSched - ok

08:22:18.0887 0x1870  [ B6A1692FC131F1FE5162513D78A9B6FC, 193B12508E5D076B178AADDDA9BECB4F397307FB8D96B16540697D6E49D61C28 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys

08:22:18.0890 0x1870  PxHelp20 - ok

08:22:18.0977 0x1870  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys

08:22:19.0016 0x1870  ql2300 - ok

08:22:19.0042 0x1870  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

08:22:19.0047 0x1870  ql40xx - ok

08:22:19.0099 0x1870  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll

08:22:19.0179 0x1870  QWAVE - ok

08:22:19.0214 0x1870  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

08:22:19.0216 0x1870  QWAVEdrv - ok

08:22:19.0437 0x1870  [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys

08:22:19.0534 0x1870  R300 - ok

08:22:19.0568 0x1870  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

08:22:19.0588 0x1870  RasAcd - ok

08:22:19.0623 0x1870  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll

08:22:19.0629 0x1870  RasAuto - ok

08:22:19.0661 0x1870  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

08:22:19.0664 0x1870  Rasl2tp - ok

08:22:19.0698 0x1870  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll

08:22:19.0719 0x1870  RasMan - ok

08:22:19.0756 0x1870  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

08:22:19.0758 0x1870  RasPppoe - ok

08:22:19.0788 0x1870  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

08:22:19.0792 0x1870  RasSstp - ok

08:22:19.0829 0x1870  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

08:22:19.0836 0x1870  rdbss - ok

08:22:19.0849 0x1870  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

08:22:19.0850 0x1870  RDPCDD - ok

08:22:19.0876 0x1870  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys

08:22:19.0884 0x1870  rdpdr - ok

08:22:19.0890 0x1870  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

08:22:19.0891 0x1870  RDPENCDD - ok

08:22:19.0923 0x1870  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

08:22:19.0929 0x1870  RDPWD - ok

08:22:19.0953 0x1870  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll

08:22:19.0957 0x1870  RemoteAccess - ok

08:22:19.0992 0x1870  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

08:22:19.0999 0x1870  RemoteRegistry - ok

08:22:20.0029 0x1870  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe

08:22:20.0032 0x1870  RpcLocator - ok

08:22:20.0065 0x1870  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll

08:22:20.0085 0x1870  RpcSs - ok

08:22:20.0107 0x1870  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

08:22:20.0116 0x1870  rspndr - ok

08:22:20.0123 0x1870  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe

08:22:20.0126 0x1870  SamSs - ok

08:22:20.0196 0x1870  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

08:22:20.0197 0x1870  SASDIFSV - ok

08:22:20.0265 0x1870  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

08:22:20.0269 0x1870  SASKUTIL - ok

08:22:20.0571 0x1870  [ 99FC1599F89A80216E41175B8CA44D89, 20306278CF081E58002D6ADCC07CA65D7651C8D059392337562612EDFAC5BEB5 ] SBAMSvc         C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

08:22:20.0670 0x1870  SBAMSvc - ok

08:22:20.0714 0x1870  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

08:22:20.0732 0x1870  sbp2port - ok

08:22:20.0737 0x1870  SBRE - ok

08:22:20.0770 0x1870  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

08:22:20.0775 0x1870  SCardSvr - ok

08:22:20.0822 0x1870  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll

08:22:20.0841 0x1870  Schedule - ok

08:22:20.0859 0x1870  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll

08:22:20.0861 0x1870  SCPolicySvc - ok

08:22:20.0881 0x1870  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

08:22:20.0887 0x1870  SDRSVC - ok

08:22:21.0084 0x1870  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

08:22:21.0175 0x1870  SDScannerService - ok

08:22:21.0309 0x1870  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

08:22:21.0388 0x1870  SDUpdateService - ok

08:22:21.0419 0x1870  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

08:22:21.0425 0x1870  SDWSCService - ok

08:22:21.0452 0x1870  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

08:22:21.0455 0x1870  secdrv - ok

08:22:21.0484 0x1870  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll

08:22:21.0489 0x1870  seclogon - ok

08:22:21.0500 0x1870  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll

08:22:21.0505 0x1870  SENS - ok

08:22:21.0522 0x1870  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys

08:22:21.0524 0x1870  Serenum - ok

08:22:21.0544 0x1870  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys

08:22:21.0548 0x1870  Serial - ok

08:22:21.0564 0x1870  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

08:22:21.0566 0x1870  sermouse - ok

08:22:21.0596 0x1870  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll

08:22:21.0603 0x1870  SessionEnv - ok

08:22:21.0615 0x1870  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

08:22:21.0617 0x1870  sffdisk - ok

08:22:21.0627 0x1870  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

08:22:21.0629 0x1870  sffp_mmc - ok

08:22:21.0636 0x1870  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

08:22:21.0638 0x1870  sffp_sd - ok

08:22:21.0648 0x1870  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

08:22:21.0650 0x1870  sfloppy - ok

08:22:21.0688 0x1870  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

08:22:21.0722 0x1870  SharedAccess - ok

08:22:21.0752 0x1870  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

08:22:21.0762 0x1870  ShellHWDetection - ok

08:22:21.0778 0x1870  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys

08:22:21.0781 0x1870  sisagp - ok

08:22:21.0797 0x1870  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys

08:22:21.0799 0x1870  SiSRaid2 - ok

08:22:21.0816 0x1870  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

08:22:21.0820 0x1870  SiSRaid4 - ok

08:22:21.0958 0x1870  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe

08:22:22.0066 0x1870  slsvc - ok

08:22:22.0116 0x1870  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll

08:22:22.0171 0x1870  SLUINotify - ok

08:22:22.0201 0x1870  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys

08:22:22.0204 0x1870  Smb - ok

08:22:22.0230 0x1870  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

08:22:22.0234 0x1870  SNMPTRAP - ok

08:22:22.0261 0x1870  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys

08:22:22.0263 0x1870  spldr - ok

08:22:22.0300 0x1870  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe

08:22:22.0308 0x1870  Spooler - ok

08:22:22.0349 0x1870  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys

08:22:22.0360 0x1870  srv - ok

08:22:22.0393 0x1870  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

08:22:22.0399 0x1870  srv2 - ok

08:22:22.0422 0x1870  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

08:22:22.0427 0x1870  srvnet - ok

08:22:22.0445 0x1870  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

08:22:22.0454 0x1870  SSDPSRV - ok

08:22:22.0523 0x1870  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll

08:22:22.0530 0x1870  SstpSvc - ok

08:22:22.0573 0x1870  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll

08:22:22.0595 0x1870  stisvc - ok

08:22:22.0620 0x1870  [ FFB311EE7FA581E15FB002884575F068, CA6BC70C8C49BDB7815FE4DD2E0402D315F0BF7D3D81AC97BB3A00BA09CDFC13 ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys

08:22:22.0622 0x1870  SWDUMon - ok

08:22:22.0647 0x1870  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

08:22:22.0649 0x1870  swenum - ok

08:22:22.0693 0x1870  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll

08:22:22.0714 0x1870  swprv - ok

08:22:22.0732 0x1870  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys

08:22:22.0735 0x1870  Symc8xx - ok

08:22:22.0747 0x1870  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys

08:22:22.0750 0x1870  Sym_hi - ok

08:22:22.0765 0x1870  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys

08:22:22.0768 0x1870  Sym_u3 - ok

08:22:22.0822 0x1870  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll

08:22:22.0852 0x1870  SysMain - ok

08:22:22.0885 0x1870  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll

08:22:22.0893 0x1870  TabletInputService - ok

08:22:22.0928 0x1870  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll

08:22:22.0943 0x1870  TapiSrv - ok

08:22:22.0960 0x1870  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll

08:22:22.0967 0x1870  TBS - ok

08:22:23.0048 0x1870  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

08:22:23.0088 0x1870  Tcpip - ok

08:22:23.0139 0x1870  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys

08:22:23.0173 0x1870  Tcpip6 - ok

08:22:23.0215 0x1870  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

08:22:23.0217 0x1870  tcpipreg - ok

08:22:23.0251 0x1870  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

08:22:23.0253 0x1870  TDPIPE - ok

08:22:23.0265 0x1870  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

08:22:23.0268 0x1870  TDTCP - ok

08:22:23.0286 0x1870  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

08:22:23.0291 0x1870  tdx - ok

08:22:23.0307 0x1870  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

08:22:23.0310 0x1870  TermDD - ok

08:22:23.0348 0x1870  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll

08:22:23.0372 0x1870  TermService - ok

08:22:23.0398 0x1870  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll

08:22:23.0411 0x1870  Themes - ok

08:22:23.0428 0x1870  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll

08:22:23.0433 0x1870  THREADORDER - ok

08:22:23.0466 0x1870  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll

08:22:23.0474 0x1870  TrkWks - ok

08:22:23.0516 0x1870  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

08:22:23.0519 0x1870  TrustedInstaller - ok

08:22:23.0554 0x1870  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

08:22:23.0579 0x1870  tssecsrv - ok

08:22:23.0607 0x1870  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys

08:22:23.0609 0x1870  tunmp - ok

08:22:23.0641 0x1870  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

08:22:23.0660 0x1870  tunnel - ok

08:22:23.0683 0x1870  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

08:22:23.0701 0x1870  uagp35 - ok

08:22:23.0745 0x1870  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

08:22:23.0756 0x1870  udfs - ok

08:22:23.0785 0x1870  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

08:22:23.0791 0x1870  UI0Detect - ok

08:22:23.0808 0x1870  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

08:22:23.0812 0x1870  uliagpkx - ok

08:22:23.0836 0x1870  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys

08:22:23.0847 0x1870  uliahci - ok

08:22:23.0868 0x1870  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys

08:22:23.0873 0x1870  UlSata - ok

08:22:23.0891 0x1870  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys

08:22:23.0895 0x1870  ulsata2 - ok

08:22:23.0906 0x1870  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

08:22:23.0908 0x1870  umbus - ok

08:22:23.0931 0x1870  Update BrowseSmart - ok

08:22:23.0979 0x1870  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll

08:22:23.0989 0x1870  upnphost - ok

08:22:24.0023 0x1870  [ 8BF5D980CDCE35FB26F05047144BB57E, 8A770DD649FA0D6F574651E5525B983261B823C5778764598D89C453E68ED3F1 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys

08:22:24.0025 0x1870  USBAAPL - ok

08:22:24.0056 0x1870  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

08:22:24.0059 0x1870  usbccgp - ok

08:22:24.0078 0x1870  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

08:22:24.0081 0x1870  usbcir - ok

08:22:24.0158 0x1870  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

08:22:24.0160 0x1870  usbehci - ok

08:22:24.0209 0x1870  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

08:22:24.0216 0x1870  usbhub - ok

08:22:24.0248 0x1870  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys

08:22:24.0249 0x1870  usbohci - ok

08:22:24.0263 0x1870  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

08:22:24.0265 0x1870  usbprint - ok

08:22:24.0322 0x1870  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

08:22:24.0324 0x1870  usbscan - ok

08:22:24.0353 0x1870  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

08:22:24.0356 0x1870  USBSTOR - ok

08:22:24.0373 0x1870  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

08:22:24.0375 0x1870  usbuhci - ok

08:22:24.0380 0x1870  Util BrowseSmart - ok

08:22:24.0403 0x1870  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll

08:22:24.0414 0x1870  UxSms - ok

08:22:24.0459 0x1870  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe

08:22:24.0476 0x1870  vds - ok

08:22:24.0495 0x1870  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

08:22:24.0497 0x1870  vga - ok

08:22:24.0512 0x1870  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys

08:22:24.0514 0x1870  VgaSave - ok

08:22:24.0528 0x1870  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys

08:22:24.0531 0x1870  viaagp - ok

08:22:24.0543 0x1870  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys

08:22:24.0546 0x1870  ViaC7 - ok

08:22:24.0573 0x1870  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys

08:22:24.0575 0x1870  viaide - ok

08:22:24.0594 0x1870  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

08:22:24.0598 0x1870  volmgr - ok

08:22:24.0639 0x1870  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

08:22:24.0653 0x1870  volmgrx - ok

08:22:24.0698 0x1870  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

08:22:24.0712 0x1870  volsnap - ok

08:22:24.0741 0x1870  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

08:22:24.0747 0x1870  vsmraid - ok

08:22:24.0815 0x1870  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe

08:22:24.0865 0x1870  VSS - ok

08:22:24.0898 0x1870  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll

08:22:24.0915 0x1870  W32Time - ok

08:22:24.0953 0x1870  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

08:22:24.0955 0x1870  WacomPen - ok

08:22:24.0969 0x1870  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys

08:22:24.0973 0x1870  Wanarp - ok

08:22:24.0981 0x1870  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

08:22:24.0985 0x1870  Wanarpv6 - ok

08:22:25.0034 0x1870  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

08:22:25.0057 0x1870  wcncsvc - ok

08:22:25.0089 0x1870  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

08:22:25.0099 0x1870  WcsPlugInService - ok

08:22:25.0115 0x1870  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys

08:22:25.0118 0x1870  Wd - ok

08:22:25.0185 0x1870  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

08:22:25.0224 0x1870  Wdf01000 - ok

08:22:25.0251 0x1870  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll

08:22:25.0259 0x1870  WdiServiceHost - ok

08:22:25.0267 0x1870  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll

08:22:25.0275 0x1870  WdiSystemHost - ok

08:22:25.0312 0x1870  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll

08:22:25.0325 0x1870  WebClient - ok

08:22:25.0367 0x1870  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

08:22:25.0378 0x1870  Wecsvc - ok

08:22:25.0395 0x1870  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll

08:22:25.0403 0x1870  wercplsupport - ok

08:22:25.0444 0x1870  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll

08:22:25.0454 0x1870  WerSvc - ok

08:22:25.0520 0x1870  [ 72CC6A8CA7891031D6380DB5025C773C, 33D5021C3A2FE8E9F6E2C22F4777E1D82A6B3998EB857B618A3C8838D3C8B03E ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys

08:22:25.0549 0x1870  winachsf - ok

08:22:25.0611 0x1870  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll

08:22:25.0624 0x1870  WinDefend - ok

08:22:25.0641 0x1870  WinHttpAutoProxySvc - ok

08:22:25.0692 0x1870  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

08:22:25.0712 0x1870  Winmgmt - ok

08:22:25.0813 0x1870  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll

08:22:25.0870 0x1870  WinRM - ok

08:22:25.0950 0x1870  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WINUSB          C:\Windows\system32\DRIVERS\WinUSB.SYS

08:22:25.0952 0x1870  WINUSB - ok

08:22:26.0002 0x1870  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll

08:22:26.0029 0x1870  Wlansvc - ok

08:22:26.0132 0x1870  [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

08:22:26.0142 0x1870  wlcrasvc - ok

08:22:26.0307 0x1870  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

08:22:26.0391 0x1870  wlidsvc - ok

08:22:26.0426 0x1870  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

08:22:26.0428 0x1870  WmiAcpi - ok

08:22:26.0473 0x1870  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

08:22:26.0479 0x1870  wmiApSrv - ok

08:22:26.0572 0x1870  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe

08:22:26.0610 0x1870  WMPNetworkSvc - ok

08:22:26.0670 0x1870  [ A3BA4712EBF768EDFBCCEC09FA120B6F, 25A1E2FF64959E41F944BE69360BAFFE14E0D41566F5343795FB8D61C7DBE593 ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe

08:22:26.0683 0x1870  WMZuneComm - ok

08:22:26.0765 0x1870  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

08:22:26.0776 0x1870  WPCSvc - ok

08:22:26.0813 0x1870  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

08:22:26.0822 0x1870  WPDBusEnum - ok

08:22:26.0886 0x1870  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys

08:22:26.0889 0x1870  WpdUsb - ok

08:22:27.0042 0x1870  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

08:22:27.0075 0x1870  WPFFontCache_v0400 - ok

08:22:27.0101 0x1870  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

08:22:27.0104 0x1870  ws2ifsl - ok

08:22:27.0167 0x1870  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll

08:22:27.0215 0x1870  wscsvc - ok

08:22:27.0222 0x1870  WSearch - ok

08:22:27.0381 0x1870  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll

08:22:27.0468 0x1870  wuauserv - ok

08:22:27.0547 0x1870  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

08:22:27.0551 0x1870  WudfPf - ok

08:22:27.0579 0x1870  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

08:22:27.0587 0x1870  WUDFRd - ok

08:22:27.0617 0x1870  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

08:22:27.0625 0x1870  wudfsvc - ok

08:22:27.0685 0x1870  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys

08:22:27.0687 0x1870  XAudio - ok

08:22:27.0746 0x1870  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe

08:22:27.0764 0x1870  XAudioService - ok

08:22:27.0868 0x1870  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

08:22:27.0915 0x1870  YahooAUService - ok

08:22:28.0230 0x1870  [ 5BDCACD5B2B0FB972BC570E70F616ACF, 90DAA2A5E5733DDD0898544F82B1371065DBD8D181DAF2AF29767A39D35F3D1D ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe

08:22:28.0450 0x1870  ZuneNetworkSvc - ok

08:22:28.0543 0x1870  [ E22E48654A66AA3E24F4646C6BC1756C, 2F6DDFCD5E4271C605EDFAD460DF8D9CD0EE5998CF862F47EB3F108DB2A712D1 ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe

08:22:28.0556 0x1870  ZuneWlanCfgSvc - ok

08:22:28.0565 0x1870  {7f2b4ad0-671a-477b-bcd4-79d041f50d27}Gt - ok

08:22:28.0570 0x1870  ================ Scan global ===============================

08:22:28.0609 0x1870  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll

08:22:28.0650 0x1870  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll

08:22:28.0676 0x1870  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll

08:22:28.0724 0x1870  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe

08:22:28.0740 0x1870  [ Global ] - ok

08:22:28.0741 0x1870  ================ Scan MBR ==================================

08:22:28.0749 0x1870  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

08:22:28.0749 0x1870  Suspicious mbr (Forged): \Device\Harddisk0\DR0

08:22:28.0803 0x1870  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c ( 0 )

08:22:28.0803 0x1870  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

08:22:33.0807 0x1870  ================ Scan VBR ==================================

08:22:33.0812 0x1870  [ D3AEAFC099DE39ACF2C59632D762CA79 ] \Device\Harddisk0\DR0\Partition1

08:22:33.0848 0x1870  \Device\Harddisk0\DR0\Partition1 - ok

08:22:33.0853 0x1870  [ EDDD22F4CDA52A543A7D270520AB4802 ] \Device\Harddisk0\DR0\Partition2

08:22:33.0896 0x1870  \Device\Harddisk0\DR0\Partition2 - ok

08:22:33.0896 0x1870  ================ Scan generic autorun ======================

08:22:33.0934 0x1870  [ 806DB5F4FC5185AFC608E881979CC25F, B4991488DB86C84D5B2EB7F900541CBB094A87877DD82CB39411B59DA174B3F2 ] C:\Windows\system32\igfxtray.exe

08:22:33.0942 0x1870  IgfxTray - ok

08:22:33.0973 0x1870  [ D4975555E91636FCF4809E51731F80D8, 5A24C4C38B3ADD25F04A9E327314B23F1A7C63C44C4EB78AC234049FBFB60217 ] C:\Windows\system32\hkcmd.exe

08:22:33.0982 0x1870  HotKeysCmds - ok

08:22:33.0997 0x1870  [ CD12A46AE81306C2F14B19A58E1058B0, 699573D9C5C109813EFDA73283F9274300888002239831073FB164F91640EF65 ] C:\Windows\system32\igfxpers.exe

08:22:34.0005 0x1870  Persistence - ok

08:22:34.0048 0x1870  [ 267B3A856E9F4DB1CABD4E6DB71E07D2, E384B0204375A8E9DCAFB3FD6E72442F3E9418812637F4EFA2653F946EBE8E26 ] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe

08:22:34.0049 0x1870  dscactivate - ok

08:22:34.0127 0x1870  [ 40B527681CA3CA2F6EC7851018509F29, 96FF9088B3EE32AB78679A4D91E05312448E03BFF03EE20A022B4791C2EBCB6D ] C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe

08:22:34.0158 0x1870  lxdxmon.exe - ok

08:22:34.0188 0x1870  [ AC38D80D713A573848B6AC1EE2F77229, 193FF021F63D00E0F67E38D58AC26CE422AD0F00252183920C02065A9A7D99A6 ] C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe

08:22:34.0197 0x1870  EzPrint - ok

08:22:34.0233 0x1870  [ 4048F9DA4BA3036A994185CE6A2B6C55, CB58574F3439FD51AEEA9B7046F4C54C85FA6355D89468674E0651DDD5DD6C64 ] C:\Program Files\Zune\ZuneLauncher.exe

08:22:34.0247 0x1870  Zune Launcher - ok

08:22:34.0304 0x1870  [ C26B09276755E0698B31CF0BAE0BF182, A95B567626C0573DF0F136818AA7E487BC4995552E9B7A041437539E49B99473 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

08:22:34.0307 0x1870  APSDaemon - ok

08:22:34.0397 0x1870  [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

08:22:34.0399 0x1870  Adobe Reader Speed Launcher - ok

08:22:34.0477 0x1870  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

08:22:34.0538 0x1870  Adobe ARM - ok

08:22:34.0587 0x1870  [ 916A2C4EB028604783FD5EA169236C1D, C97DAA1BE5C912DDCEDBA7619631BB98F4A9B32B1E40C5374A64E25305E0A1C4 ] C:\Program Files\QuickTime\QTTask.exe

08:22:34.0606 0x1870  QuickTime Task - ok

08:22:34.0689 0x1870  [ F9C48B76DA59CF5FF2ED937B62F5ED39, BABC2638F6C92947C79C918DFD3E605B196672B23745226DFA64F68867B7C257 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

08:22:34.0757 0x1870  AdobeAAMUpdater-1.0 - ok

08:22:34.0815 0x1870  [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files\iTunes\iTunesHelper.exe

08:22:34.0838 0x1870  iTunesHelper - ok

08:22:34.0916 0x1870  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe

08:22:34.0956 0x1870  Windows Defender - ok

08:22:35.0057 0x1870  [ 54CB57442F5AC8BA5E98A7745D455C18, 362A87B8D5B7F5258301A6D5CD78D046F32DFD8826A2FDF6A0006A5695B389B3 ] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

08:22:35.0082 0x1870  Ad-Aware Browsing Protection - ok

08:22:35.0128 0x1870  Ad-Aware Antivirus - ok

08:22:35.0591 0x1870  [ 7D62A43622ADFF6A08DB83801CF72C54, 90DD9178204666367E4191E424B59880CEB59867A18B08DD81A6EA80350DAA86 ] C:\Program Files\AVG\AVG2014\avgui.exe

08:22:35.0810 0x1870  AVG_UI - ok

08:22:35.0995 0x1870  [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe

08:22:36.0011 0x1870  SunJavaUpdateSched - ok

08:22:36.0284 0x1870  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

08:22:36.0409 0x1870  SDTray - ok

08:22:36.0571 0x1870  [ B871BE9CEB2C4D471DD1804482CE85A6, BD2F550ECD5FA5DE24BC24061DB9AA37B2B08100BD01CCB13C68B82317A1662E ] C:\Program Files\BlueStacks\HD-Agent.exe

08:22:36.0601 0x1870  BlueStacks Agent - ok

08:22:36.0821 0x1870  [ 3A8E5A6763024D6A15A85069BA82F2D1, 07C52D57D89111CFCEB4C9B44B8736E55EFC2FBB469ABA601F831EFA6681BC31 ] C:\Program Files\Windows Live\Messenger\msnmsgr.exe

08:22:36.0932 0x1870  msnmsgr - ok

08:22:37.0195 0x1870  [ BC121F6E4432CBB79129201C191674AD, 6B00DC0682327B70B17E8CF23FA145A16189D110E61EFA0A82D0549813AAF315 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

08:22:37.0490 0x1870  SUPERAntiSpyware - ok

08:22:38.0161 0x1870  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe

08:22:38.0210 0x1870  Google Update - ok

08:22:38.0367 0x1870  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe

08:22:38.0380 0x1870  WMPNSCFG - ok

08:22:38.0408 0x1870  [ 4B555106290BD117334E9A08761C035A, 8A3808FBC197040BF0C65084514E8441E35FFFF8E31980F9CE1F41ED65E08437 ] C:\Windows\system32\rundll32.exe

08:22:38.0417 0x1870  NextLive - ok

08:22:38.0420 0x1870  Browser Infrastructure Helper - ok

08:22:38.0442 0x1870  SlimCleaner Plus - ok

08:22:38.0442 0x1870  Weather - ok

08:22:38.0475 0x1870  swg - ok

08:22:38.0475 0x1870  DW6 - ok

08:22:38.0513 0x1870  Exetender - ok

08:22:38.0514 0x1870  lime pro - ok

08:22:38.0518 0x1870  SearchEngineProtection - ok

08:22:38.0522 0x1870  ares - ok

08:22:38.0527 0x1870  uTorrent - ok

08:22:38.0560 0x1870  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe

08:22:38.0565 0x1870  Google Update - ok

08:22:38.0798 0x1870  ROC_ROC_APR2013_AV - ok

08:22:38.0881 0x1870  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe

08:22:38.0888 0x1870  WMPNSCFG - ok

08:22:39.0440 0x1870  [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe

08:22:39.0688 0x1870  Spybot-S&D Cleaning - ok

08:22:39.0697 0x1870  Waiting for KSN requests completion. In queue: 25

08:22:40.0697 0x1870  Waiting for KSN requests completion. In queue: 25

08:22:41.0697 0x1870  Waiting for KSN requests completion. In queue: 25

08:22:42.0697 0x1870  Waiting for KSN requests completion. In queue: 25

08:22:43.0697 0x1870  Waiting for KSN requests completion. In queue: 25

08:22:44.0697 0x1870  Waiting for KSN requests completion. In queue: 25

08:22:45.0860 0x1870  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4745 ), 0x41000 ( enabled : updated )

08:22:45.0890 0x1870  AV detected via SS2: Lavasoft Ad-Aware, C:\Program Files\Ad-Aware Antivirus\SBAMWSC.EXE ( 10.5.3.4405 ), 0x40000 ( disabled : updated )

08:22:45.0895 0x1870  FW detected via SS2: Lavasoft Ad-Aware, C:\Program Files\Ad-Aware Antivirus\SBAMWSC.EXE ( 10.5.3.4405 ), 0x40010 ( disabled )

08:22:45.0931 0x1870  Win FW state via NFP2: enabled

08:22:50.0716 0x1870  ============================================================

08:22:50.0716 0x1870  Scan finished

08:22:50.0716 0x1870  ============================================================

08:22:50.0734 0x0290  Detected object count: 1

08:22:50.0735 0x0290  Actual detected object count: 1

08:22:59.0813 0x0290  \Device\Harddisk0\DR0\# - copied to quarantine

08:22:59.0815 0x0290  \Device\Harddisk0\DR0 - copied to quarantine

08:22:59.0851 0x0290  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

08:22:59.0853 0x0290  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

08:22:59.0858 0x0290  \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

08:22:59.0861 0x0290  \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

08:22:59.0870 0x0290  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

08:22:59.0877 0x0290  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

08:22:59.0879 0x0290  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

08:22:59.0881 0x0290  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

08:22:59.0883 0x0290  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

08:22:59.0943 0x0290  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

08:22:59.0991 0x0290  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

08:23:00.0008 0x0290  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

08:23:00.0076 0x0290  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

08:23:00.0077 0x0290  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Quarantine 

08:23:12.0391 0x0fc8  Deinitialize success
Link to post
Share on other sites

ComboFix 14-08-19.01 - Justin 08/19/2014   8:59.1.2 - x86

Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.1.1033.18.2036.849 [GMT -4:00]

Running from: c:\users\Justin\Desktop\ComboFix.exe

AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}

FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}

SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\LP

c:\program files\LP\BABA\6894.tmp

c:\program files\LP\BABA\C7EF.tmp

c:\program files\LP\BABA\CAEC.tmp

c:\program files\LP\BABA\E3BA.tmp

c:\program files\LP\BABA\F779.tmp

c:\program files\puredefmusic\toolbar

c:\program files\puredefmusic\toolbar\Settings\s_pid.dat

c:\program files\QuestBasic

c:\programdata\b98c4d0c97c488508a7b4d9a99b37daf_c

c:\programdata\QuestBasic

c:\programdata\SPL20D3.tmp

c:\programdata\SPLAE57.tmp

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kfgaibfbmkjgmimhbbaikfnpkkjkpoan_0

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kfgaibfbmkjgmimhbbaikfnpkkjkpoan_0\7

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0\9

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\background.html

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\chromeCoreFilesIndex.txt

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\crossriderManifest.json

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\manifest.xml

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins.json

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\1_base.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\102_dealply_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\104_jollywallet_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\13_CrossriderAppUtils.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\14_CrossriderUtils.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\17_jQuery.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\177_crossriderDashboard.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\182_openUrl.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\183_tabsWrapper.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\184_noproblemppc_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\19_CHAppAPIWrapper.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\191_ciuvo_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\207_dbWrapper.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\21_debug.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\217_similar_products_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\22_resources.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\223_imonomy_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\226_set_campaign_id_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\28_initializer.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\4_jquery_1_7_1.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\47_resources_background.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\64_appApiMessage.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\7_hooks.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\72_appApiValidation.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\78_CrossriderInfo.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\80_CHPopupAppAPI.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\9_search_engine_hook.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\91_monetizationLoader.js.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\93_superfish_no_coupons_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\97_resourceApiWrapper.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\userCode\background.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\userCode\extension.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\icons\actions\1.png

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\icons\icon128.png

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\icons\icon16.png

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\icons\icon48.png

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\api\chrome.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\api\cookie.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\api\message.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\api\monitor.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\api\pageAction.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\api\pageActionBG.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\background.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\app_api.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\bg_app_api.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\consts.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\cookie_store.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\crossriderAPI.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\delegate.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\events.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\extensionDataStore.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\installer.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\logFile.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\logging.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\onBGDocumentLoad.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\popupResource\newPopup.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\popupResource\popup.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\reports.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\storageWrapper.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\updateManager.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\util.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\lib\xhr.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\main.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\js\platformVersion.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\manifest.json

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\popup.html

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\background.html

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\chromeCoreFilesIndex.txt

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\crossriderManifest.json

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\manifest.xml

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins.json

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\1_base.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\102_dealply_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\103_intext_5_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\104_jollywallet_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\13_CrossriderAppUtils.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\14_CrossriderUtils.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\17_jQuery.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\177_crossriderDashboard.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\178_revizer_ws_dynamic_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\179_revizer_p_dynamic_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\180_bpo_serp_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\182_openUrl.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\183_tabsWrapper.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\184_noproblemppc_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\19_CHAppAPIWrapper.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\190_pops_5_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\191_ciuvo_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\195_icm_convertmedia_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\207_dbWrapper.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\21_debug.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\22_resources.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\220_icm_base_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\221_icm_downloads_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\223_imonomy_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\28_initializer.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\4_jquery_1_7_1.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\47_resources_background.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\64_appApiMessage.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\7_hooks.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\72_appApiValidation.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\78_CrossriderInfo.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\80_CHPopupAppAPI.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\9_search_engine_hook.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\91_monetizationLoader.js.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\93_superfish_no_coupons_m.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\97_resourceApiWrapper.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\userCode\background.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\userCode\extension.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\icons\actions\1.png

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\icons\icon128.png

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\icons\icon16.png

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\icons\icon48.png

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\api\chrome.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\api\cookie.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\api\message.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\api\monitor.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\api\pageAction.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\api\pageActionBG.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\background.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\app_api.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\bg_app_api.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\consts.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\cookie_store.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\crossriderAPI.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\delegate.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\events.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\extensionDataStore.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\installer.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\logFile.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\logging.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\onBGDocumentLoad.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\popupResource\newPopup.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\popupResource\popup.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\reports.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\storageWrapper.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\updateManager.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\util.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\lib\xhr.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\main.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\js\platformVersion.js

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\manifest.json

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\popup.html

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\000080.ldb

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\000110.log

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\CURRENT

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\LOCK

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\LOG

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\LOG.old

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\MANIFEST-000108

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\000107.ldb

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\000112.ldb

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\000113.log

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\CURRENT

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\LOCK

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\LOG

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\LOG.old

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\MANIFEST-000111

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kfgaibfbmkjgmimhbbaikfnpkkjkpoan_0.localstorage

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0.localstorage-journal

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0.localstorage

c:\users\Justin\AppData\Local\Google\Chrome\User Data\Default\Preferences

c:\users\Public\RemoveSGP.exe

c:\users\Public\RemoveSGP0.exe

c:\users\RAC\AppData\Local\common_functions.dll

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kfgaibfbmkjgmimhbbaikfnpkkjkpoan_0

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kfgaibfbmkjgmimhbbaikfnpkkjkpoan_0\25

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0\24

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\000003.log

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\CURRENT

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\LOCK

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\LOG

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\MANIFEST-000002

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\000005.ldb

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\000015.log

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\CURRENT

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\LOCK

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\LOG

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\LOG.old

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lndipknmjijnalnkamonmljeaojdbpna\MANIFEST-000013

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kfgaibfbmkjgmimhbbaikfnpkkjkpoan_0.localstorage

c:\users\RAC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0.localstorage

c:\users\RAC\AppData\Local\ie_runner_app.exe

c:\users\RAC\AppData\Local\nsfB3D8.tmp

c:\users\RAC\AppData\Local\TempDIR

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome.manifest

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\asyncDB.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\background.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\browserAction.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\contextMenu.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\dbManager.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\dom_bg.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\fileManager.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\firefox.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\firefoxNotifications.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\firefoxOmnibox.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\message.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\pageAction.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\request.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\tabs.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\webRequest.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\windowsMessagingHandler.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\background.html

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\baseObject.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\browser.xul

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\addressBarChangeObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\console.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\consts.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\delegate.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\extensionDataStore.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\folderIOWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\httpObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\IDBWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\installer.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\logFile.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\prefs.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\progressListenerObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\registry.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\reloadObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\reports.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\requestObject.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\searchSettings.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\uninstallObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\updateManager.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\utils.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\xhr.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\ffCoreFilesIndex.txt

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\main.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\options.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\options.xul

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\platformVersion.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\search_dialog.xul

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\defaults\preferences\prefs.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\manifest.xml

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins.json

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\1_base.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\102_dealply_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\103_intext_5_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\104_jollywallet_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\119_similar_web_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\123_intext_adv_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\13_CrossriderAppUtils.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\14_CrossriderUtils.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\16_FFAppAPIWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\17_jQuery.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\177_crossriderDashboard.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\178_revizer_ws_dynamic_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\179_revizer_p_dynamic_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\180_bpo_serp_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\182_openUrl.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\183_tabsWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\184_noproblemppc_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\190_pops_5_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\191_ciuvo_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\195_icm_convertmedia_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\207_dbWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\21_debug.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\22_resources.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\220_icm_base_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\221_icm_downloads_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\223_imonomy_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\242_price_gong_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\246_setup.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\28_initializer.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\4_jquery_1_7_1.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\47_resources_background.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\64_appApiMessage.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\7_hooks.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\72_appApiValidation.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\78_CrossriderInfo.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\9_search_engine_hook.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\91_monetizationLoader.js.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\93_superfish_no_coupons_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\98_omniCommands.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\userCode\background.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\userCode\extension.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\install.rdf

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\locale\en-US\translations.dtd

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\button1.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\button2.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\button3.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\button4.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\button5.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\crossrider_statusbar.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\icon128.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\icon16.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\icon24.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\icon48.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\panelarrow-up.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\popup.html

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\skin.css

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\update.css

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome.manifest

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\asyncDB.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\background.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\browserAction.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\contextMenu.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\dbManager.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\dom_bg.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\fileManager.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\firefox.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\firefoxNotifications.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\firefoxOmnibox.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\message.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\pageAction.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\request.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\tabs.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\webRequest.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\api\windowsMessagingHandler.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\background.html

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\baseObject.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\browser.xul

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\addressBarChangeObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\console.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\consts.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\delegate.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\extensionDataStore.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\folderIOWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\httpObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\IDBWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\installer.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\logFile.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\prefs.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\progressListenerObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\registry.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\reloadObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\reports.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\requestObject.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\searchSettings.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\uninstallObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\updateManager.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\utils.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\core\xhr.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\ffCoreFilesIndex.txt

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\main.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\options.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\options.xul

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\platformVersion.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\chrome\content\search_dialog.xul

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\defaults\preferences\prefs.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\manifest.xml

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins.json

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\1_base.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\102_dealply_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\104_jollywallet_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\13_CrossriderAppUtils.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\14_CrossriderUtils.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\16_FFAppAPIWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\17_jQuery.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\177_crossriderDashboard.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\182_openUrl.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\183_tabsWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\184_noproblemppc_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\191_ciuvo_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\207_dbWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\21_debug.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\217_similar_products_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\22_resources.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\223_imonomy_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\226_set_campaign_id_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\242_price_gong_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\245_engageya_overlay_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\246_setup.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\28_initializer.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\4_jquery_1_7_1.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\47_resources_background.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\64_appApiMessage.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\7_hooks.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\72_appApiValidation.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\78_CrossriderInfo.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\9_search_engine_hook.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91_monetizationLoader.js.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\93_superfish_no_coupons_m.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\98_omniCommands.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\userCode\background.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\userCode\extension.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\install.rdf

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\locale\en-US\translations.dtd

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\button1.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\button2.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\button3.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\button4.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\button5.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\crossrider_statusbar.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\icon128.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\icon16.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\icon24.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\icon48.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\panelarrow-up.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\popup.html

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\skin.css

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\skin\update.css

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome.manifest
Link to post
Share on other sites

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\asyncDB.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\background.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\browserAction.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\contextMenu.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\dbManager.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\dom_bg.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\fileManager.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\firefox.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\firefoxNotifications.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\firefoxOmnibox.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\message.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\pageAction.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\request.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\tabs.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\webRequest.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\api\windowsMessagingHandler.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\background.html

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\baseObject.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\browser.xul

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\addressBarChangeObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\console.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\consts.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\delegate.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\extensionDataStore.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\folderIOWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\httpObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\IDBWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\installer.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\logFile.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\prefs.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\progressListenerObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\registry.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\reloadObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\reports.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\requestObject.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\searchSettings.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\uninstallObserver.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\updateManager.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\utils.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\core\xhr.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\dialog.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\ffCoreFilesIndex.txt

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\main.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\options.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\options.xul

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\platformVersion.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\chrome\content\search_dialog.xul

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\defaults\preferences\prefs.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\manifest.xml

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins.json

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\1_base.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\1000014_GPL Plugin (Loader).js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\1000015_GPL Background (BG).js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\13_CrossriderAppUtils.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\14_CrossriderUtils.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\16_FFAppAPIWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\17_jQuery.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\177_crossriderDashboard.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\182_openUrl.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\183_tabsWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\207_dbWrapper.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\21_debug.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\22_resources.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\28_initializer.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\4_jquery_1_7_1.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\47_resources_background.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\64_appApiMessage.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\72_appApiValidation.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\78_CrossriderInfo.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\plugins\98_omniCommands.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\userCode\background.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\extensionData\userCode\extension.js

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\install.rdf

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\locale\en-US\translations.dtd

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\button1.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\button2.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\button3.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\button4.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\button5.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\crossrider_statusbar.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\icon128.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\icon16.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\icon24.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\icon48.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\panelarrow-up.png

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\popup.html

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\skin.css

c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\crossriderapp12759@crossrider.com\skin\update.css

c:\users\RAC\AppData\Roaming\WordExtra\teMP.dat

c:\windows\Installer\{a91807f3-bc51-d71c-eefe-8807493b10b5}\@

c:\windows\Installer\{a91807f3-bc51-d71c-eefe-8807493b10b5}\L\00000004.@

c:\windows\Installer\{a91807f3-bc51-d71c-eefe-8807493b10b5}\L\201d3dde

c:\windows\Installer\{a91807f3-bc51-d71c-eefe-8807493b10b5}\L\4cce1f70

c:\windows\Installer\{a91807f3-bc51-d71c-eefe-8807493b10b5}\L\76603ac3

c:\windows\Installer\{a91807f3-bc51-d71c-eefe-8807493b10b5}\U\00000004.@

c:\windows\Installer\{a91807f3-bc51-d71c-eefe-8807493b10b5}\U\00000008.@

c:\windows\Installer\{a91807f3-bc51-d71c-eefe-8807493b10b5}\U\000000cb.@

c:\windows\Installer\{a91807f3-bc51-d71c-eefe-8807493b10b5}\U\80000000.@

c:\windows\Installer\{a91807f3-bc51-d71c-eefe-8807493b10b5}\U\80000032.@

c:\windows\system32\Cache

c:\windows\system32\Cache\00c8885502528c42.fb

c:\windows\system32\Cache\075884af680ff6dc.fb

c:\windows\system32\Cache\227113dfa1ca894d.fb

c:\windows\system32\Cache\49fbbc5a8678d502.fb

c:\windows\system32\Cache\4a6f7f7a2b4834fe.fb

c:\windows\system32\Cache\5c54eb1a1655b076.fb

c:\windows\system32\Cache\5c63b18b49d36552.fb

c:\windows\system32\Cache\613e8ce7ab7106af.fb

c:\windows\system32\Cache\633a76311867bd11.fb

c:\windows\system32\Cache\691f14230153a9e1.fb

c:\windows\system32\Cache\6cb409d7ac73d9f1.fb

c:\windows\system32\Cache\7614bd6cfa99e546.fb

c:\windows\system32\Cache\77664b6ccc36be9f.fb

c:\windows\system32\Cache\881b3593316772f0.fb

c:\windows\system32\Cache\941a9fdf53812bcd.fb

c:\windows\system32\Cache\98657d0579ae1930.fb

c:\windows\system32\Cache\d5c0f4e7bbe35bf3.fb

c:\windows\system32\Cache\d9ca663388d21ec0.fb

c:\windows\system32\Cache\f1521994586b08eb.fb

c:\windows\system32\Cache\f2cda51fd108941f.fb

c:\windows\system32\Cache\f34d8db84131d925.fb

c:\windows\system32\Cache\fcc6f7786a810969.fb

c:\windows\XSxS

.

.

(((((((((((((((((((((((((   Files Created from 2014-07-19 to 2014-08-19  )))))))))))))))))))))))))))))))

.

.

2014-08-19 13:15 . 2014-08-19 13:15 -------- d-----w- c:\users\RAC\AppData\Local\temp

2014-08-19 13:15 . 2014-08-19 13:15 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-08-19 13:15 . 2014-08-19 13:15 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp

2014-08-19 12:22 . 2014-08-19 12:22 -------- d-----w- C:\TDSSKiller_Quarantine

2014-08-19 08:53 . 2014-08-19 09:01 -------- d-----w- C:\FRST

2014-08-17 05:35 . 2014-08-17 05:46 -------- d-----w- c:\program files\Audacity

2014-08-15 06:39 . 2014-08-15 06:39 522 ----a-w- C:\cleanup.bat

2014-08-15 06:34 . 2014-08-15 06:34 -------- d-----w- c:\users\Justin\AppData\Local\Avg

2014-08-15 06:11 . 2014-08-15 06:39 -------- d-----w- C:\AVG_SysInfo

2014-08-13 07:12 . 2014-06-26 22:17 99480 ----a-w- c:\windows\system32\infocardapi.dll

2014-08-13 07:12 . 2014-06-26 22:17 8856 ----a-w- c:\windows\system32\icardres.dll

2014-08-13 07:12 . 2014-06-26 22:17 619664 ----a-w- c:\windows\system32\icardagt.exe

2014-08-13 07:12 . 2014-06-06 04:28 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe

2014-08-10 08:31 . 2014-08-10 08:31 319456 ----a-w- c:\windows\DIFxAPI.dll

2014-08-09 05:18 . 2014-08-09 05:18 -------- d-----w- c:\program files\Common Files\Lavasoft

2014-08-09 05:17 . 2014-08-09 05:17 -------- d-----w- c:\users\Justin\AppData\Roaming\LavasoftStatistics

2014-08-08 20:44 . 2014-08-08 20:44 -------- d-----w- c:\program files\Mozilla Maintenance Service

2014-08-07 23:38 . 2014-08-07 23:38 -------- d-----w- c:\users\Justin\.android

2014-08-07 23:28 . 2014-08-07 23:29 -------- d-----w- c:\programdata\BlueStacks

2014-08-07 23:28 . 2014-08-07 23:29 -------- d-----w- c:\program files\BlueStacks

2014-08-07 23:24 . 2014-08-07 23:24 -------- d-----w- c:\users\Justin\AppData\Local\Bluestacks

2014-08-07 03:04 . 2014-08-07 03:04 -------- d-----w- c:\users\Justin\AppData\Local\Adobe

2014-08-02 15:27 . 2014-08-15 23:33 -------- d-----w- c:\users\Justin\jagexcache

2014-08-02 05:06 . 2013-09-20 14:49 18968 ----a-w- c:\windows\system32\sdnclean.exe

2014-08-02 05:06 . 2014-08-19 12:47 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2014-08-02 05:05 . 2014-08-02 10:54 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2014-08-02 04:07 . 2014-08-02 04:07 -------- d-----w- c:\program files\Common Files\Java

2014-08-02 04:06 . 2014-07-11 07:02 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-08-02 02:34 . 2014-06-02 10:30 937472 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2014-08-02 02:34 . 2014-04-26 16:01 502784 ----a-w- c:\windows\system32\usp10.dll

2014-08-02 02:34 . 2014-04-05 03:23 915392 ----a-w- c:\windows\system32\drivers\tcpip.sys

2014-08-02 02:34 . 2014-04-05 01:49 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2014-08-02 02:34 . 2014-06-06 08:59 506880 ----a-w- c:\windows\system32\qedit.dll

2014-08-02 02:34 . 2014-05-30 06:53 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2014-08-02 02:34 . 2014-03-10 01:22 1401344 ----a-w- c:\windows\system32\msxml6.dll

2014-08-02 02:34 . 2014-03-10 01:22 1248768 ----a-w- c:\windows\system32\msxml3.dll

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-08-19 11:07 . 2014-03-10 19:06 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys

2014-08-09 05:17 . 2013-06-25 15:47 44424 ----a-w- c:\windows\system32\sbbd.exe

2014-08-09 05:17 . 2013-06-25 15:47 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys

2014-08-07 01:42 . 2012-08-24 18:48 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-08-07 01:42 . 2011-06-12 13:06 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-06-30 16:43 . 2014-06-30 16:43 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys

2014-06-17 20:22 . 2014-06-17 20:22 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2014-06-17 20:21 . 2014-06-17 20:21 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2014-06-17 20:18 . 2014-06-17 20:18 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys

2014-06-17 20:17 . 2014-06-17 20:17 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2014-06-17 20:06 . 2014-06-17 20:06 199960 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2014-06-17 20:06 . 2014-06-17 20:06 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2014-06-17 20:06 . 2014-06-17 20:06 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2014-06-17 20:06 . 2014-06-17 20:06 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

2013-02-11 10:47 87464 ----a-w- c:\program files\adawaretb\adawareDx.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files\adawaretb\adawareDx.dll" [2013-02-11 87464]

.

[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"Spybot-S&D Cleaning"="c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe" [2014-06-24 4566952]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Ad-Aware Antivirus"="c:\program files\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-04-22 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-04-22 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-04-22 133656]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]

"lxdxmon.exe"="c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe" [2008-03-20 668328]

"EzPrint"="c:\program files\Lexmark 3600-4600 Series\ezprint.exe" [2008-03-20 107176]

"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-11-11 159472]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]

"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]

"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-05-15 554408]

"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-08-11 5187088]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]

"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]

"BlueStacks Agent"="c:\program files\BlueStacks\HD-Agent.exe" [2014-07-23 835288]

.

c:\users\RAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-7-15 1226024]

.

c:\users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-7-15 1226024]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-9-29 50688]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-7-15 1226024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]

@="Ad-Aware Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]

S2 Ad-Aware Service;Ad-Aware Service;c:\program files\Ad-Aware Antivirus\AdAwareService.exe [2013-06-13 1236336]

S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 40189072

*NewlyCreated* - 46947405

*NewlyCreated* - 63522267

*Deregistered* - 40189072

*Deregistered* - 46947405

*Deregistered* - 63522267

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ    PLA DPS BFE mpssvc

LocalServiceAndNoImpersonation REG_MULTI_SZ    FontCache

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-08-13 05:25 1104200 ----a-w- c:\program files\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-24 01:42]

.

2014-08-19 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-08-02 15:52]

.

2014-08-19 c:\windows\Tasks\DriverUpdate Startup.job

- c:\program files\DriverUpdate\DriverUpdate.exe [2014-01-15 14:00]

.

2014-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2014-08-08 05:15]

.

2014-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2014-08-08 05:15]

.

2014-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272686857-3468428945-150708638-1000Core.job

- c:\users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-31 03:54]

.

2014-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272686857-3468428945-150708638-1000UA.job

- c:\users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-31 03:54]

.

2014-08-13 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-08-02 14:41]

.

2014-08-02 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2014-08-02 14:42]

.

2012-09-19 c:\windows\Tasks\User_Feed_Synchronization-{B1CE7117-A96E-4E1E-B62F-5A61453D78B3}.job

- c:\windows\system32\msfeedssync.exe [2014-08-12 17:48]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0KDOEhEk0ltGEXK0fPnC1SpNg5g2-iFyL99wBcuK_6H9lyFC3n5rcm6KZnCkEY3ATaXcvVpDW81gr5HHgCl2V96iuddIk5onAfrevtmiX7RB3WGRo4Dxpy3Zq0wh60Ew,,

mStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080929

uInternet Settings,ProxyServer =

uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0KDOEhEk0ltGEXK0fPnC1SpNg5g2-iFyL99wBcuK_6H9lyFC3n5rcm6KZnCkEY3ATWZygivJbJRU1UuNGvkUOvLQwNx8ZooCSnoz43_zWYDxKn8F-Fh0v5a0s-n4knhQ,,&q={searchTerms}

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A9E48C68-6CC4-4C13-ACD4-794241AB6C26}: NameServer = 8.8.8.8,8.8.4.4

TCP: Interfaces\{d8932e52-6a6f-11db-b6ab-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4

FF - ProfilePath - c:\users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\

FF - prefs.js: browser.search.selectedEngine - Web Search

FF - prefs.js: browser.startup.homepage - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0KDOEhEk0ltGEXK0fPnC1SpNg5g2-iFyL99wBcuK_6H9lyFC3n5rcm6KZnCkEY3ATaXcvVpDW81gr5HHgCl2V96iuddIk5onAfrevtmiX7RB3WGRo4Dxpy3Zq0wh60Ew,,

FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0KDOEhEk0ltGEXK0fPnC1SpNg5g2-iFyL99wBcuK_6H9lyFC3n5rcm6KZnCkEY3ATWZygivJbJRU1UuNGvkUOvLQwNx8ZooCSnoz43_zWYDxKn8F-Fh0v5a0s-n4knhQ,,&q=

FF - prefs.js: network.proxy.type - 0

FF - user.js: extensions.incredibar_i.newTab - false

FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8vCCpiym&loc=IB_TB&i=26&search=

FF - user.js: extensions.incredibar_i.id - a45cdac800000000000000219b0a8bab

FF - user.js: extensions.incredibar_i.instlDay - 15502

FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:00

FF - user.js: extensions.incredibar_i.prtnrId - Incredibar

FF - user.js: extensions.incredibar_i.prdct - incredibar

FF - user.js: extensions.incredibar_i.aflt - orgnl

FF - user.js: extensions.incredibar_i.smplGrp - none

FF - user.js: extensions.incredibar_i.tlbrId - base

FF - user.js: extensions.incredibar_i.instlRef - 

FF - user.js: extensions.incredibar_i.dfltLng - 

FF - user.js: extensions.incredibar_i.excTlbr - false

FF - user.js: extensions.incredibar_i.ms_url_id - 

FF - user.js: extensions.incredibar_i.upn2 - 6R8vCCpiym

FF - user.js: extensions.incredibar_i.upn2n - 92824513978311474

FF - user.js: extensions.incredibar_i.productid - 26

FF - user.js: extensions.incredibar_i.installerproductid - 26

FF - user.js: extensions.incredibar_i.did - 10643

FF - user.js: extensions.incredibar_i.ppd - 1

.

- - - - ORPHANS REMOVED - - - -

.

BHO-{C4B8BAB4-1667-11DF-A242-BA9455D89593} - (no file)

BHO-{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - c:\program files\Connect_DLC_5\prxtbConn.dll

Toolbar-10 - (no file)

Toolbar-!{f92a9fe4-2850-4198-b9d5-279880e49b16} - (no file)

Toolbar-{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - c:\program files\Connect_DLC_5\prxtbConn.dll

Toolbar-Locked - (no file)

WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file)

WebBrowser-{E30A55B9-F1B7-43A4-B3F6-EC90CDC4FE60} - (no file)

WebBrowser-{F92A9FE4-2850-4198-B9D5-279880E49B16} - (no file)

HKCU-Run-Weather - c:\program files\AWS\WeatherBug\Weather.exe

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

HKCU-Run-DW6 - c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe

HKCU-Run-Exetender - c:\program files\Free Ride Games\GPlayer.exe

HKCU-Run-lime pro - c:\program files\Lime PRO\LimePro.exe

HKCU-Run-SearchEngineProtection - c:\program files\Gamesbar\SearchEngineProtection.exe

HKCU-Run-ares - c:\program files\Ares\ares.exe

HKCU-Run-uTorrent - c:\program files\uTorrent\uTorrent.exe

HKCU-Run-ROC_ROC_APR2013_AV - c:\users\Justin\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe

HKU-Default-Run-DelayShred - c:\progra~1\mcafee\mshr\ShrCL.EXE

Notify-SDWinLogon - SDWinLogon.dll

SafeBoot-WudfPf

SafeBoot-WudfRd

SafeBoot-mcmscsvc

SafeBoot-MCODS

AddRemove-Activeris AntiMalware_is1 - c:\program files\Activeris AntiMalware\unins000.exe

AddRemove-c52af551-5989-49d4-9374-4af7fdb61f23 - c:\progra~2\INSTAL~2\{6DA10~1\Setup.exe

AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe

AddRemove-{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} - c:\program files\SUPERAntiSpyware\Uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2014-08-19 09:20

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...  

.

scanning hidden autostart entries ... 

.

scanning hidden files ...  

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2014-08-19  09:32:03

ComboFix-quarantined-files.txt  2014-08-19 13:32

.

Pre-Run: 23,751,090,176 bytes free

Post-Run: 25,574,322,176 bytes free

.

- - End Of File - - 1F00531989EBA8056D98A6440A641DC9

5C616939100B85E558DA92B899A0FC36

Link to post
Share on other sites

Combofix scripting

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Download the attached CFScript.txt and save it to the location where Combofix is saved to.


CFScriptB-4.gif


Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

CFScript.txt

Link to post
Share on other sites

ComboFix 14-08-19.01 - Justin 08/19/2014  20:10:37.2.2 - x86

Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.1.1033.18.2036.1057 [GMT -4:00]

Running from: c:\users\Justin\Desktop\ComboFix.exe

Command switches used :: c:\users\Justin\Desktop\CFScript.txt

AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}

FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}

SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Created a new restore point

.

.

(((((((((((((((((((((((((   Files Created from 2014-07-20 to 2014-08-20  )))))))))))))))))))))))))))))))

.

.

2014-08-20 00:24 . 2014-08-20 00:24 -------- d-----w- c:\users\Justin\AppData\Local\temp

2014-08-20 00:24 . 2014-08-20 00:24 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp

2014-08-20 00:24 . 2014-08-20 00:24 -------- d-----w- c:\users\RAC\AppData\Local\temp

2014-08-20 00:24 . 2014-08-20 00:24 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-08-19 12:22 . 2014-08-19 12:22 -------- d-----w- C:\TDSSKiller_Quarantine

2014-08-19 08:53 . 2014-08-19 09:01 -------- d-----w- C:\FRST

2014-08-17 05:35 . 2014-08-17 05:46 -------- d-----w- c:\program files\Audacity

2014-08-15 06:39 . 2014-08-15 06:39 522 ----a-w- C:\cleanup.bat

2014-08-15 06:34 . 2014-08-15 06:34 -------- d-----w- c:\users\Justin\AppData\Local\Avg

2014-08-15 06:11 . 2014-08-15 06:39 -------- d-----w- C:\AVG_SysInfo

2014-08-13 07:12 . 2014-06-26 22:17 99480 ----a-w- c:\windows\system32\infocardapi.dll

2014-08-13 07:12 . 2014-06-26 22:17 8856 ----a-w- c:\windows\system32\icardres.dll

2014-08-13 07:12 . 2014-06-26 22:17 619664 ----a-w- c:\windows\system32\icardagt.exe

2014-08-13 07:12 . 2014-06-06 04:28 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe

2014-08-10 08:31 . 2014-08-10 08:31 319456 ----a-w- c:\windows\DIFxAPI.dll

2014-08-09 05:18 . 2014-08-09 05:18 -------- d-----w- c:\program files\Common Files\Lavasoft

2014-08-09 05:17 . 2014-08-09 05:17 -------- d-----w- c:\users\Justin\AppData\Roaming\LavasoftStatistics

2014-08-08 20:44 . 2014-08-08 20:44 -------- d-----w- c:\program files\Mozilla Maintenance Service

2014-08-07 23:38 . 2014-08-07 23:38 -------- d-----w- c:\users\Justin\.android

2014-08-07 23:28 . 2014-08-07 23:29 -------- d-----w- c:\programdata\BlueStacks

2014-08-07 23:28 . 2014-08-07 23:29 -------- d-----w- c:\program files\BlueStacks

2014-08-07 23:24 . 2014-08-07 23:24 -------- d-----w- c:\users\Justin\AppData\Local\Bluestacks

2014-08-07 03:04 . 2014-08-07 03:04 -------- d-----w- c:\users\Justin\AppData\Local\Adobe

2014-08-02 15:27 . 2014-08-15 23:33 -------- d-----w- c:\users\Justin\jagexcache

2014-08-02 05:06 . 2013-09-20 14:49 18968 ----a-w- c:\windows\system32\sdnclean.exe

2014-08-02 05:06 . 2014-08-19 12:47 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2014-08-02 05:05 . 2014-08-02 10:54 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2014-08-02 04:07 . 2014-08-02 04:07 -------- d-----w- c:\program files\Common Files\Java

2014-08-02 04:06 . 2014-07-11 07:02 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-08-02 02:34 . 2014-06-02 10:30 937472 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2014-08-02 02:34 . 2014-04-26 16:01 502784 ----a-w- c:\windows\system32\usp10.dll

2014-08-02 02:34 . 2014-04-05 03:23 915392 ----a-w- c:\windows\system32\drivers\tcpip.sys

2014-08-02 02:34 . 2014-04-05 01:49 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2014-08-02 02:34 . 2014-06-06 08:59 506880 ----a-w- c:\windows\system32\qedit.dll

2014-08-02 02:34 . 2014-05-30 06:53 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2014-08-02 02:34 . 2014-03-10 01:22 1401344 ----a-w- c:\windows\system32\msxml6.dll

2014-08-02 02:34 . 2014-03-10 01:22 1248768 ----a-w- c:\windows\system32\msxml3.dll

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-08-19 11:07 . 2014-03-10 19:06 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys

2014-08-09 05:17 . 2013-06-25 15:47 44424 ----a-w- c:\windows\system32\sbbd.exe

2014-08-09 05:17 . 2013-06-25 15:47 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys

2014-08-07 01:42 . 2012-08-24 18:48 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-08-07 01:42 . 2011-06-12 13:06 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-06-30 16:43 . 2014-06-30 16:43 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys

2014-06-17 20:22 . 2014-06-17 20:22 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2014-06-17 20:21 . 2014-06-17 20:21 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2014-06-17 20:18 . 2014-06-17 20:18 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys

2014-06-17 20:17 . 2014-06-17 20:17 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2014-06-17 20:06 . 2014-06-17 20:06 199960 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2014-06-17 20:06 . 2014-06-17 20:06 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2014-06-17 20:06 . 2014-06-17 20:06 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2014-06-17 20:06 . 2014-06-17 20:06 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

2013-02-11 10:47 87464 ----a-w- c:\program files\adawaretb\adawareDx.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files\adawaretb\adawareDx.dll" [2013-02-11 87464]

.

[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"Spybot-S&D Cleaning"="c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe" [2014-06-24 4566952]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Ad-Aware Antivirus"="c:\program files\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-04-22 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-04-22 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-04-22 133656]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]

"lxdxmon.exe"="c:\program files\Lexmark 3600-4600 Series\lxdxmon.exe" [2008-03-20 668328]

"EzPrint"="c:\program files\Lexmark 3600-4600 Series\ezprint.exe" [2008-03-20 107176]

"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-11-11 159472]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]

"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]

"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-05-15 554408]

"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-08-11 5187088]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]

"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]

"BlueStacks Agent"="c:\program files\BlueStacks\HD-Agent.exe" [2014-07-23 835288]

.

c:\users\RAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-7-15 1226024]

.

c:\users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-7-15 1226024]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-9-29 50688]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-7-15 1226024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]

@="Ad-Aware Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]

S2 Ad-Aware Service;Ad-Aware Service;c:\program files\Ad-Aware Antivirus\AdAwareService.exe [2013-06-13 1236336]

S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 40189072

*NewlyCreated* - 46947405

*NewlyCreated* - 63522267

*Deregistered* - 40189072

*Deregistered* - 46947405

*Deregistered* - 63522267

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ   PLA DPS BFE mpssvc

LocalServiceAndNoImpersonation REG_MULTI_SZ   FontCache

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-08-13 05:25 1104200 ----a-w- c:\program files\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-24 01:42]

.

2014-08-19 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-08-02 15:52]

.

2014-08-19 c:\windows\Tasks\DriverUpdate Startup.job

- c:\program files\DriverUpdate\DriverUpdate.exe [2014-01-15 14:00]

.

2014-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2014-08-08 05:15]

.

2014-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2014-08-08 05:15]

.

2014-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272686857-3468428945-150708638-1000Core.job

- c:\users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-31 03:54]

.

2014-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272686857-3468428945-150708638-1000UA.job

- c:\users\RAC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-31 03:54]

.

2014-08-13 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-08-02 14:41]

.

2014-08-02 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2014-08-02 14:42]

.

2012-09-19 c:\windows\Tasks\User_Feed_Synchronization-{B1CE7117-A96E-4E1E-B62F-5A61453D78B3}.job

- c:\windows\system32\msfeedssync.exe [2014-08-12 17:48]

.

.

------- Supplementary Scan -------

.

mStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080929

uInternet Settings,ProxyServer =

uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0KDOEhEk0ltGEXK0fPnC1SpNg5g2-iFyL99wBcuK_6H9lyFC3n5rcm6KZnCkEY3ATWZygivJbJRU1UuNGvkUOvLQwNx8ZooCSnoz43_zWYDxKn8F-Fh0v5a0s-n4knhQ,,&q={searchTerms}

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A9E48C68-6CC4-4C13-ACD4-794241AB6C26}: NameServer = 8.8.8.8,8.8.4.4

TCP: Interfaces\{d8932e52-6a6f-11db-b6ab-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4

FF - ProfilePath - c:\users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\

FF - prefs.js: network.proxy.type - 0

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2014-08-19 20:24

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...  

.

scanning hidden autostart entries ... 

.

scanning hidden files ...  

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2014-08-19  20:35:17

ComboFix-quarantined-files.txt  2014-08-20 00:35

ComboFix2.txt  2014-08-19 13:32

.

Pre-Run: 25,634,025,472 bytes free

Post-Run: 26,859,495,424 bytes free

.

- - End Of File - - 7AA05EE57CD3BF563FBB215FD483864A

5C616939100B85E558DA92B899A0FC36
Link to post
Share on other sites

Malwarebytes Anti-Malware

www.malwarebytes.org

 

 

Protection, 8/19/2014 8:42:28 PM, SYSTEM, HOME, Protection, Malware Protection, Starting, 

Protection, 8/19/2014 8:42:28 PM, SYSTEM, HOME, Protection, Malware Protection, Started, 

Protection, 8/19/2014 8:42:28 PM, SYSTEM, HOME, Protection, Malicious Website Protection, Starting, 

Protection, 8/19/2014 8:43:36 PM, SYSTEM, HOME, Protection, Malicious Website Protection, Started, 

Update, 8/19/2014 8:44:25 PM, SYSTEM, HOME, Manual, Rootkit Database, 2014.2.20.1, 2014.8.16.1, 

Update, 8/19/2014 8:44:41 PM, SYSTEM, HOME, Manual, Malware Database, 2014.3.4.9, 2014.8.19.10, 

Protection, 8/19/2014 8:44:53 PM, SYSTEM, HOME, Protection, Refresh, Starting, 

Protection, 8/19/2014 8:44:53 PM, SYSTEM, HOME, Protection, Malicious Website Protection, Stopping, 

Protection, 8/19/2014 8:44:53 PM, SYSTEM, HOME, Protection, Malicious Website Protection, Stopped, 

Protection, 8/19/2014 8:45:00 PM, SYSTEM, HOME, Protection, Refresh, Success, 

Protection, 8/19/2014 8:45:00 PM, SYSTEM, HOME, Protection, Malicious Website Protection, Starting, 

Protection, 8/19/2014 8:45:00 PM, SYSTEM, HOME, Protection, Malicious Website Protection, Started, 

 

(end)

Link to post
Share on other sites

is it this?

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/20/2014
Scan Time: 3:15:55 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.20.02
Rootkit Database: v2014.08.16.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Justin
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349553
Time Elapsed: 21 min, 44 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 36
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio\css, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio\images, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default\images, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default\scripts, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\images, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\uwa, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\icons, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels\images, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\options, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\searchbar, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.MediaBar.A, C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\2nhy2ugw.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\components, , [08ca3791e398de58a3c96e5ac2403bc5], 
PUP.Optional.FunWebProducts.A, C:\Users\Justin\AppData\LocalLow\FunWebProducts, , [6a68ddebd2a977bf8523d0f823df49b7], 
PUP.Optional.FunWebProducts.A, C:\Users\Justin\AppData\LocalLow\FunWebProducts\Shared, , [6a68ddebd2a977bf8523d0f823df49b7], 
PUP.Optional.FunWebProducts.A, C:\Users\Justin\AppData\LocalLow\FunWebProducts\Shared\Cache, , [6a68ddebd2a977bf8523d0f823df49b7], 
PUP.Optional.FunWebProducts.A, C:\Users\RAC\AppData\LocalLow\FunWebProducts, , [c30fc008aad1a69014942f99778b55ab], 
PUP.Optional.FunWebProducts.A, C:\Users\RAC\AppData\LocalLow\FunWebProducts\Installr, , [c30fc008aad1a69014942f99778b55ab], 
PUP.Optional.FunWebProducts.A, C:\Users\RAC\AppData\LocalLow\FunWebProducts\Installr\Cache, , [c30fc008aad1a69014942f99778b55ab], 
PUP.Optional.FunWebProducts.A, C:\Users\RAC\AppData\LocalLow\FunWebProducts\ScreenSaver, , [c30fc008aad1a69014942f99778b55ab], 
PUP.Optional.FunWebProducts.A, C:\Users\RAC\AppData\LocalLow\FunWebProducts\ScreenSaver\Images, , [c30fc008aad1a69014942f99778b55ab], 
PUP.Optional.FunWebProducts.A, C:\Users\RAC\AppData\LocalLow\FunWebProducts\ScreenSaver\Images\101x135, , [c30fc008aad1a69014942f99778b55ab], 
PUP.Optional.FunWebProducts.A, C:\Users\RAC\AppData\LocalLow\FunWebProducts\Shared, , [c30fc008aad1a69014942f99778b55ab], 
PUP.Optional.LuckySavings.A, C:\Users\Justin\AppData\Local\Lucky Savings, , [9c363d8b017a8caa8daaa32755ad22de], 
PUP.Optional.LuckySavings.A, C:\Users\Justin\AppData\Local\Lucky Savings\Chrome, , [9c363d8b017a8caa8daaa32755ad22de], 
PUP.Optional.LuckySavings.A, C:\Program Files\Lucky Savings, , [18ba28a094e737ff87b105c5679b25db], 
PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher, , [9042c6021368dc5a75a107cb768c9b65], 
PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher\v1.01, , [9042c6021368dc5a75a107cb768c9b65], 
PUP.Optional.Goobzo, C:\Program Files\Common Files\Goobzo, , [c40e04c4fa8145f119b3e8f7ca38e31d], 
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Yes.

 

 

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology

[*]Click Scan[*]Wait for the scan to finish[*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.

Link to post
Share on other sites

C:\Program Files\adawaretb\adawareDx.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application

C:\Program Files\adawaretb\adawaretb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application

C:\Program Files\adawaretb\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application

C:\Program Files\HyperCam 2\hctoolbar.exe Win32/Somoto.F potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\102_dealply_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\104_jollywallet_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\184_noproblemppc_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\191_ciuvo_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\217_similar_products_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\223_imonomy_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\226_set_campaign_id_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\91_monetizationLoader.js.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.156_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\102_dealply_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\103_intext_5_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\104_jollywallet_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\178_revizer_ws_dynamic_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\179_revizer_p_dynamic_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\180_bpo_serp_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\184_noproblemppc_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\190_pops_5_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\191_ciuvo_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\195_icm_convertmedia_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\221_icm_downloads_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\223_imonomy_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\91_monetizationLoader.js.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.19_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\195_icm_convertmedia_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\221_icm_downloads_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\242_price_gong_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\91_monetizationLoader.js.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\93_superfish_no_coupons_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\242_price_gong_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\54je98ra.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91_monetizationLoader.js.js.vir JS/Toolbar.Crossrider.B potentially unwanted application

C:\Qoobox\Quarantine\C\Users\RAC\AppData\Roaming\WordExtra\teMP.dat.vir a variant of Win32/AdWare.Toolbar.AmyBar.A application

C:\TDSSKiller_Quarantine\19.08.2014_08.21.40\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan

C:\TDSSKiller_Quarantine\19.08.2014_08.21.40\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan

C:\TDSSKiller_Quarantine\19.08.2014_08.21.40\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan

C:\TDSSKiller_Quarantine\19.08.2014_08.21.40\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NH trojan

C:\TDSSKiller_Quarantine\19.08.2014_08.21.40\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan

C:\TDSSKiller_Quarantine\19.08.2014_08.21.40\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan

C:\TDSSKiller_Quarantine\19.08.2014_08.21.40\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan

C:\Users\Justin\AppData\LocalLow\adawaretb\adawaretb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application

C:\Users\Justin\AppData\LocalLow\adawaretb\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application

C:\Users\Justin\AppData\LocalLow\A_Free_Ride_Games_Bar\ldrtbA_Fr.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application

C:\Users\Justin\AppData\LocalLow\A_Free_Ride_Games_Bar\tbA_Fr.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application

C:\Users\Justin\AppData\LocalLow\A_Free_Ride_Games_Bar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application

C:\Users\Justin\Downloads\ccsetup416pro.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

Link to post
Share on other sites

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don´t uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You´ll find the log file at C:\AdwCleaner[s1].txt also




Delete junk with JRT

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan finished the (checkup.txt) will open. Copy its content to your thread.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.